From: Cedric Xing
To: linux-security-module@vger.kernel.org, selinux@vger.kernel.org, linux-kernel@vger.kernel.org, linux-sgx@vger.kernel.org
Cc: Cedric Xing, jarkko.sakkinen@linux.intel.com, luto@kernel.org, sds@tycho.nsa.gov, jmorris@namei.org, serge@hallyn.com, paul@paul-moore.com, eparis@parisplace.org, jethro@fortanix.com, dave.hansen@intel.com, tglx@linutronix.de, torvalds@linux-foundation.org, akpm@linux-foundation.org, nhorman@redhat.com, pmccallum@redhat.com, serge.ayoun@intel.com, shay.katz-zamir@intel.com, haitao.huang@intel.com, andriy.shevchenko@linux.intel.com, kai.svahn@intel.com, bp@alien8.de, josh@joshtriplett.org, kai.huang@intel.com, rientjes@google.com, william.c.roberts@intel.com, philip.b.tricca@intel.com
Subject: [RFC PATCH v1 0/3] security/x86/sgx: SGX specific LSM hooks
Date: Mon, 10 Jun 2019 00:03:03 -0700
Message-Id:
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190606021145.12604-1-sean.j.christopherson@intel.com>
References: <20190606021145.12604-1-sean.j.christopherson@intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

This series intends to make the new SGX subsystem and the existing LSM architecture work together smoothly so that, say, SGX cannot be abused to work around restrictions set forth by LSM. This series applies on top of Jarkko Sakkinen's SGX series v20 (https://lkml.org/lkml/2019/4/17/344), where abundant details of this SGX/LSM problem can be found.

This series is an alternative to Sean Christopherson's recent RFC series (https://lkml.org/lkml/2019/6/5/1070) that was trying to solve the same problem.

The key problem is for LSM to determine the "maximal (most permissive) protection" allowed for individual enclave pages. Sean's approach is to take that from user mode code as a parameter of the EADD ioctl, validate it with LSM ahead of time, and then enforce it inside the SGX subsystem. The major disadvantage IMHO is that a priori knowledge of "maximal protection" is needed, but it isn't always available in certain use cases. In fact, it is an unusual approach to take "maximal protection" from user code, as what SELinux is doing today is to determine the "maximal protection" of a vma using attributes associated with vma->vm_file instead. When it comes to enclaves, vma->vm_file always points to /dev/sgx/enclave, so what's missing is a new way for LSM modules to remember the origins of enclave pages so that they don't solely depend on vma->vm_file to determine "maximal protection".
This series takes advantage of the fact that enclave pages cannot be remapped (to a different linear address), therefore the pair of { vma->vm_file, linear_address } can be used to uniquely identify an enclave page. Then by notifying LSM on creation of every enclave page (via a new LSM hook - security_enclave_load), LSM modules would be able to track origin and protection changes of every page, hence be able to judge correctly upon mmap/mprotect requests.

Cedric Xing (3):
  LSM/x86/sgx: Add SGX specific LSM hooks
  LSM/x86/sgx: Implement SGX specific hooks in SELinux
  LSM/x86/sgx: Call new LSM hooks from SGX subsystem

 arch/x86/kernel/cpu/sgx/driver/ioctl.c |  72 +++++-
 arch/x86/kernel/cpu/sgx/driver/main.c  |  12 +-
 include/linux/lsm_hooks.h              |  33 +++
 include/linux/security.h               |  26 +++
 security/security.c                    |  21 ++
 security/selinux/Makefile              |   2 +
 security/selinux/hooks.c               |  77 ++++++-
 security/selinux/include/intel_sgx.h   |  18 ++
 security/selinux/include/objsec.h      |   3 +
 security/selinux/intel_sgx.c           | 292 +++++++++++++++++++++++++
 10 files changed, 545 insertions(+), 11 deletions(-)
 create mode 100644 security/selinux/include/intel_sgx.h
 create mode 100644 security/selinux/intel_sgx.c

-- 
2.17.1
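To make the tracking idea in the cover letter concrete, here is a user-space model of it, added as an illustration and not code from this series or from SELinux. It keys every enclave page by { vm_file, linear address }, records an origin-derived maximal protection when the page is loaded (the role of security_enclave_load), refuses to re-add a known page since enclave pages are never remapped, and rejects any mmap/mprotect request on a range that would exceed a page's maximum. The names enclave_page, enclave_load, enclave_mprotect and enclave_cur_prot, the fixed-size table and the PROT_* values are all assumptions of this model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define PROT_READ  0x1
#define PROT_WRITE 0x2
#define PROT_EXEC  0x4
#define PAGE_SIZE  4096
#define MAX_PAGES  64
/* One record per enclave page, keyed by { vm_file, addr } as the cover letter proposes. */
struct enclave_page {
    const void *vm_file;  /* stands in for vma->vm_file, i.e. /dev/sgx/enclave */
    uintptr_t   addr;     /* linear address of the page inside the enclave */
    int         max_prot; /* maximal protection recorded when the page was loaded */
    int         cur_prot; /* protection currently granted to the page */
};
static struct enclave_page pages[MAX_PAGES];
static size_t npages;
static struct enclave_page *lookup(const void *vm_file, uintptr_t addr) {
    for (size_t i = 0; i < npages; i++)
        if (pages[i].vm_file == vm_file && pages[i].addr == addr)
            return &pages[i];
    return NULL;
}
/* Model of security_enclave_load(): record the origin-derived maximal protection.
 * A page already known for this { vm_file, addr } is refused: enclave pages are never remapped. */
int enclave_load(const void *vm_file, uintptr_t addr, int source_prot) {
    if (npages == MAX_PAGES || lookup(vm_file, addr))
        return -1;
    pages[npages++] = (struct enclave_page){ vm_file, addr, source_prot, 0 };
    return 0;
}
/* Model of the mmap/mprotect decision: every page in the range must be known and the
 * requested protection must not exceed its maximum; state is committed only if all pass. */
bool enclave_mprotect(const void *vm_file, uintptr_t start, size_t count, int prot) {
    for (size_t i = 0; i < count; i++) {
        struct enclave_page *p = lookup(vm_file, start + i * PAGE_SIZE);
        if (!p || (prot & ~p->max_prot))
            return false;
    }
    for (size_t i = 0; i < count; i++)
        lookup(vm_file, start + i * PAGE_SIZE)->cur_prot = prot;
    return true;
}
/* Current protection of a page, or -1 if the LSM never saw it loaded. */
int enclave_cur_prot(const void *vm_file, uintptr_t addr) {
    struct enclave_page *p = lookup(vm_file, addr);
    return p ? p->cur_prot : -1;
}
```

The all-or-nothing commit in enclave_mprotect matters: a request spanning a code page and a data page must not silently upgrade the pages that happen to pass.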