Date: Mon, 3 Jun 2019 04:12:06 -0500
From: "Dr. Greg"
To: Sean Christopherson
Cc: Andy Lutomirski, Stephen Smalley, "Xing, Cedric", William Roberts, Jarkko Sakkinen, James Morris, "Serge E. Hallyn", LSM List, Paul Moore, Eric Paris, selinux@vger.kernel.org, Jethro Beekman, "Hansen, Dave", Thomas Gleixner, Linus Torvalds, LKML, X86 ML, linux-sgx@vger.kernel.org, Andrew Morton, nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge", "Katz-zamir, Shay", "Huang, Haitao", Andy Shevchenko, "Svahn, Kai", Borislav Petkov, Josh Triplett, "Huang, Kai", David Rientjes
Subject: Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
Message-ID: <20190603091206.GA13614@wind.enjellic.com>
Reply-To: "Dr. Greg"
References: <960B34DE67B9E140824F1DCDEC400C0F654EB487@ORSMSX116.amr.corp.intel.com> <678a37af-797d-7bd5-a406-32548a270e3d@tycho.nsa.gov> <20190530180110.GB23930@linux.intel.com> <20190530211645.GB27551@linux.intel.com> <20190530213601.GC27551@linux.intel.com>
In-Reply-To: <20190530213601.GC27551@linux.intel.com>
User-Agent: Mutt/1.4i
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, May 30, 2019 at 02:36:01PM -0700, Sean Christopherson wrote:

Good morning, I hope everyone had a pleasant weekend.

> Assuming MRENCLAVE generated by Graphene or any other hosting scheme
> are stable[1], then avoiding EXEC means the user can
> effectively whitelist what enclaves are runnable by Graphene, even
> if the kernel doesn't implement security_enclave_create/init().
>
> I agree that it probably isn't all that important, it's more of a
> "why not" argument, i.e. what is gained by not using sigstruct as a
> proxy?
>
> [1] What in the world is being attested if MRENCLAVE isn't stable?

The cryptographic identity of the entity that signed the enclave and
generated the SIGSTRUCT.

At the risk of being the monotone in the choir, any relevant SGX
security controls require verifying the identity of whoever signed the
identity characteristics (SIGSTRUCT) of the image that initiates the
execution of an SGX TEE. Other than verifying the initial execution
image, the MRENCLAVE value isn't all that relevant. This issue is
further evidenced by the fact that sealing data to an enclave uses the
MRSIGNER variant of ENCLU[EGETKEY] key derivation.
The current work on LSM controls seems to focus on the identity of the
entity that is requesting the image to be loaded rather than who
actually signed, and presumably authored, the code. As I have
previously noted, with SGX2/EDMM, a platform owner may not even have
any visibility into the code that an SGX TEE may ultimately load and
execute. Any security-relevant LSM control in this space has to focus
on providing the platform owner the ability to take action based on the
contents of the SIGSTRUCT of the initiating image, in addition to the
identity of who is requesting the image to be loaded.

Have a good week.

Dr. Greg

As always,
Dr. G.W. Wettstein, Ph.D.   Enjellic Systems Development, LLC.
4206 N. 19th Ave.           Specializing in information infra-structure
Fargo, ND  58102            development.
PH: 701-281-1686
FAX: 701-281-3949           EMAIL: greg@enjellic.com
------------------------------------------------------------------------------
"Experience is something you don't get until just after you need it."
                                -- Olivier
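An added illustration, not code from this thread or from the SGX kernel patches, of the SIGSTRUCT-keyed policy check the message argues for: a userspace Python sketch that pulls MRSIGNER (SHA-256 over the RSA-3072 modulus as stored in SIGSTRUCT, the same signer identity MRSIGNER-based EGETKEY sealing derives from), MRENCLAVE and ISVSVN out of a raw SIGSTRUCT, then decides on the signer rather than on who is loading the image. Field offsets follow the 1808-byte SIGSTRUCT layout in the Intel SDM; the sample blob, modulus and measurement are constructed fixtures, and `signer_allowed` with its allowlist is a hypothetical policy function.

```python
import hashlib
import struct

# SIGSTRUCT field offsets/sizes (Intel SDM Vol. 3, SIGSTRUCT layout, 1808 bytes).
SIGSTRUCT_SIZE = 1808
MODULUS_OFF, MODULUS_LEN = 128, 384      # RSA-3072 modulus, little-endian
ENCLAVEHASH_OFF = 960                    # MRENCLAVE, 32 bytes
ISVPRODID_OFF = 1024                     # u16 ISVPRODID followed by u16 ISVSVN

def parse_sigstruct(blob: bytes) -> dict:
    """Extract the identity fields a signer-based policy would key on."""
    if len(blob) != SIGSTRUCT_SIZE:
        raise ValueError(f"SIGSTRUCT must be {SIGSTRUCT_SIZE} bytes, got {len(blob)}")
    modulus = blob[MODULUS_OFF:MODULUS_OFF + MODULUS_LEN]
    # MRSIGNER is SHA-256 over the modulus bytes exactly as stored in SIGSTRUCT,
    # so it identifies the signing key regardless of what code was measured.
    mrsigner = hashlib.sha256(modulus).hexdigest()
    mrenclave = blob[ENCLAVEHASH_OFF:ENCLAVEHASH_OFF + 32].hex()
    isvprodid, isvsvn = struct.unpack_from("<HH", blob, ISVPRODID_OFF)
    return {"mrsigner": mrsigner, "mrenclave": mrenclave,
            "isvprodid": isvprodid, "isvsvn": isvsvn}

def signer_allowed(blob: bytes, allowed_signers: set, min_svn: int = 0) -> bool:
    """Hypothetical platform-owner policy: admit the enclave only if the key that
    signed its SIGSTRUCT is allowlisted and its security version is current."""
    ident = parse_sigstruct(blob)
    return ident["mrsigner"] in allowed_signers and ident["isvsvn"] >= min_svn

def make_test_sigstruct(modulus: bytes, mrenclave: bytes, prodid: int, svn: int) -> bytes:
    """Constructed fixture: a zero-filled SIGSTRUCT with only identity fields set
    (no real signature, so it would never pass EINIT)."""
    buf = bytearray(SIGSTRUCT_SIZE)
    buf[MODULUS_OFF:MODULUS_OFF + MODULUS_LEN] = modulus
    buf[ENCLAVEHASH_OFF:ENCLAVEHASH_OFF + 32] = mrenclave
    struct.pack_into("<HH", buf, ISVPRODID_OFF, prodid, svn)
    return bytes(buf)

# Constructed sample values: not a real key, not a real measurement.
SAMPLE_MODULUS = bytes(range(256)) + bytes(range(128))   # 384 bytes
SAMPLE_MRENCLAVE = b"\xab" * 32
SAMPLE = make_test_sigstruct(SAMPLE_MODULUS, SAMPLE_MRENCLAVE, 7, 3)
SAMPLE_MRSIGNER = hashlib.sha256(SAMPLE_MODULUS).hexdigest()

if __name__ == "__main__":
    print(parse_sigstruct(SAMPLE))
    print(signer_allowed(SAMPLE, {SAMPLE_MRSIGNER}, min_svn=2))  # True
```

Because the decision hinges on MRSIGNER, a signer whose enclave later pages in different code via SGX2/EDMM is still held to the same allowlist entry, which is exactly why the message wants the control anchored on SIGSTRUCT rather than on the loading process alone.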