Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp6482094yba; Tue, 14 May 2019 08:16:35 -0700 (PDT) X-Google-Smtp-Source: APXvYqx51BZ9RE7o7ogpx6XiiJnsrAJZUzxnuZYrW3oRfrPT0We+YC6SSqWOUwjqjeH9pasR76HW X-Received: by 2002:a17:902:56a:: with SMTP id 97mr9113870plf.296.1557846995256; Tue, 14 May 2019 08:16:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557846995; cv=none; d=google.com; s=arc-20160816; b=NOEIknsWLqKicPkyNUwSnLQNHv2jxRoNbQozdEszuVytYg2+vHYx14ngl5xG20nsNL 2TVIkhy7DBQClYKpnjECWu7NIa6K1MgFNRTHmu5mRxiWeJR4/Ze9Uv/QYG/oJrlkc5dj omGnXC0yQqTlyivG9HH4T3CZd5oZ5Re9NhEF9k8VlMpu2ggH+dEacjRdcX1JAJJCyegN KFSwXYR/lLuZsQK2P7t2viSvC5YHxR0lYMXyNmzlIFs1nqRyHLjTD95G0xnXmW6VvCi7 O5E1qceKHZ/mw6un1bWhyuv9ZEuppjIzSk4aBRg+aSdqD+uH6KpmBubaTRCupmEcuxGn COxQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=5EyOcl7X7kCRHg9UAWjBUw9r8ACQxGyxB2fxEKhCorA=; b=D7CxwkOk3FDYibGGh2vQVubq1MQ1ttsaZrZh0bmYd/Z3O9BwzzjdF1zRa1B+DyNox8 1hQ09ZvLUduiLwZ1pbYN0OVsGxLFwlJlCLIKnPJxdax/9jfhzxjFHN77zNwRHo1IbqRm LtX7iL5yd6Rb9bG+iC/KPAzoz22fdNm+Y1E0aB+n19R4bhgD0SRi9Gf1ITuQUfa2bxM0 Ps+tGM9egdt6MACyWYpEpj9m7UeQi0SuZor92LmI+9bjwsc/FZFrlAxpKsQcmTRDSL6R U+YeDasiZx4BSVEJIkVgZVkmAoBhQDoaAIAHoDGzLVLRiJ6yZ0QerS8/XDqdUBIpNYiC k5Vw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=lJRjQ7wI; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o61si12477603pld.66.2019.05.14.08.16.18; Tue, 14 May 2019 08:16:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=lJRjQ7wI; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726434AbfENPNv (ORCPT + 99 others); Tue, 14 May 2019 11:13:51 -0400 Received: from mail.kernel.org ([198.145.29.99]:47452 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726060AbfENPNv (ORCPT ); Tue, 14 May 2019 11:13:51 -0400 Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 821092189E for ; Tue, 14 May 2019 15:13:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1557846830; bh=4s1JH387kDlibhLwvYQPkEPbjY6Gw9eLhkTj339NheI=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=lJRjQ7wIvnVVqhMeibjj0qkL1n8Ukyqx/inG9XnyS7L77Il3cTy3JkZTYYglghl6u 2+YrWLNZhDK/jAIUmVHUrOOVIquh0KUaPXHvI6oG3RGwipTYJ/5PLapHSpPwm3GZM8 bu4C5x6jCIUtq2Jv7kNeGmHuGNIHvhxBDEMZ1rTo= Received: by mail-wr1-f49.google.com with SMTP id e15so7258115wrs.4 for ; Tue, 14 May 2019 08:13:50 -0700 (PDT) X-Gm-Message-State: APjAAAXB/secy9iSrCUWKZE7tF4MbHBrj5iKAdC6sDDObn0ARQ3VmleI d9ondSXmzrrUBVGZaPOz6t24P95M/hlUOBHyYT2TrA== X-Received: by 2002:adf:fb4a:: with SMTP id c10mr21405885wrs.309.1557846828943; Tue, 14 May 2019 08:13:48 -0700 (PDT) MIME-Version: 1.0 References: <5854e66a-950e-1b12-5393-d9cdd15367dc@fortanix.com> <960B34DE67B9E140824F1DCDEC400C0F4E885F9D@ORSMSX116.amr.corp.intel.com> <979615a8-fd03-e3fd-fbdb-65c1e51afd93@fortanix.com> <8fe520bb-30bd-f246-a3d8-c5443e47a014@intel.com> <358e9b36-230f-eb18-efdb-b472be8438b4@fortanix.com> <960B34DE67B9E140824F1DCDEC400C0F4E886094@ORSMSX116.amr.corp.intel.com> <6da269d8-7ebb-4177-b6a7-50cc5b435cf4@fortanix.com> <20190513102926.GD8743@linux.intel.com> <20190514104323.GA7591@linux.intel.com> In-Reply-To: <20190514104323.GA7591@linux.intel.com> From: Andy Lutomirski Date: Tue, 14 May 2019 08:13:36 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v20 00/28] Intel SGX1 support To: Jarkko Sakkinen Cc: Andy Lutomirski , Jethro Beekman , "Xing, Cedric" , "Hansen, Dave" , Thomas Gleixner , "Dr. Greg" , Linus Torvalds , LKML , X86 ML , "linux-sgx@vger.kernel.org" , Andrew Morton , "Christopherson, Sean J" , "nhorman@redhat.com" , "npmccallum@redhat.com" , "Ayoun, Serge" , "Katz-zamir, Shay" , "Huang, Haitao" , Andy Shevchenko , "Svahn, Kai" , Borislav Petkov , Josh Triplett , "Huang, Kai" , David Rientjes Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 14, 2019 at 3:43 AM Jarkko Sakkinen wrote: > > On Mon, May 13, 2019 at 01:29:26PM +0300, Jarkko Sakkinen wrote: > > I did study through SDK's file format and realized that it does not > > does make sense after all to embed one. > > > > To implement it properly you would probably need a new syscall (lets say > > sgx_load_enclave) and also that enclaves are not just executables > > binaries. It is hard to find a generic format for them as applications > > range from simply protecting part of an application to running a > > containter inside enclave. > > I'm still puzzling what kind of changes you were discussing considering > SGX_IOC_ENCLAVE_ADD_PAGE. I think it's as simple as requiring that, if SECINFO.X is set, then the src pointer points to the appropriate number of bytes of executable memory. (Unless there's some way for an enclave to change SECINFO after the fact -- is there?) Sadly, we don't really have the a nice in-kernel API for that right now. You could do down_read(mmap_sem) and find_vma(). Arguably there is no value to checking that PKRU allows execute to the data. Hey, Dave, if you're still paying attention to this thread, should we have copy_from_user_exec() that does the right thing wrt the page permissions and PKRU.