Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp3421355ybz; Mon, 4 May 2020 02:39:29 -0700 (PDT) X-Google-Smtp-Source: APiQypI9Dy7GV3XxfT9FGAgv4Rdj2RnavpmKNYyaPMZ7nChdV/Dx3XD/fqlUMUrLceYjMlnrC3kX X-Received: by 2002:a17:906:4e46:: with SMTP id g6mr13781200ejw.36.1588585169255; Mon, 04 May 2020 02:39:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588585169; cv=none; d=google.com; s=arc-20160816; b=osM3gDVV+C+jebFJsdnZqUOpKKunDZcc0mUiFp7JZAB4orOlvQ3fXR9AFIfQCC7NKj 07aZeEHrvJPNIGIgcvlAfW/f7Qq3cuNRLNuHn3lSlguDf3qxMYhHUc2h480Qv2szQOzY 4ZYG24SuyDIuRUVBvVQDn8kaE2/SSfKGIjnxzvPwCI8Ci/PvKBHnJ+AgnaMVtrfj1g/d iU7E8tagCOG+oRDMmdu1DrSUkZWEUreNxh4oSUFcrug0OtZ2Js14MnawbACUiuJlwdlX o5+0MjJ4i+n/4sNXOAVXqpxWe9u17+y1bg14iT7uDGBKwOrag5KV71aTmyJJjMA6U7xs OqEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:reply-to:message-id :subject:cc:to:from:date; bh=cSxhFy11sA4am8++x8sEwBSC35/BKSBQ7atP0CcHa6Y=; b=gZ9S7Ckaqp2APSS7ckcfy+G0HkwmPuIPkphzbGgyV4d5AE9z652x4WIQHRk8liY/RR /IpeUAm0dE0mPdSNqk+G9LOMt77kenlo7RgbBRGls45k7f+ddC1NkTlP7mOsRpE30ios CgoPzKP8rlLv7Rj5cytyqBa4mF3SVX6Arm2ZcPMxL4mJuxpcCPpvPpofu+70lsUr37Xw zeQYT1rjBll4Ti8sw6LaeCpKFHG/Il7p+6JjTxMBu13pd/0FVgZKxSDwnois2m5aMVLP obPz7paCpNTsvKUI8V+V9jRepSoxuDUQ8akkKfTxGoEeEGb1/Ex6FMJeUbq7lUffygcs m4RA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k5si6100872edr.491.2020.05.04.02.39.04; Mon, 04 May 2020 02:39:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728339AbgEDJfD (ORCPT + 99 others); Mon, 4 May 2020 05:35:03 -0400 Received: from wind.enjellic.com ([76.10.64.91]:42948 "EHLO wind.enjellic.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726625AbgEDJfD (ORCPT ); Mon, 4 May 2020 05:35:03 -0400 Received: from wind.enjellic.com (localhost [127.0.0.1]) by wind.enjellic.com (8.15.2/8.15.2) with ESMTP id 0449YXRD005741; Mon, 4 May 2020 04:34:33 -0500 Received: (from greg@localhost) by wind.enjellic.com (8.15.2/8.15.2/Submit) id 0449YWfb005740; Mon, 4 May 2020 04:34:32 -0500 Date: Mon, 4 May 2020 04:34:32 -0500 From: "Dr. Greg" To: Andy Lutomirski Cc: Jarkko Sakkinen , Sean Christopherson , torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, x86@kernel.org, linux-sgx@vger.kernel.org, akpm@linux-foundation.org, dave.hansen@intel.com, nhorman@redhat.com, npmccallum@redhat.com, haitao.huang@intel.com, andriy.shevchenko@linux.intel.com, tglx@linutronix.de, kai.svahn@intel.com, bp@alien8.de, josh@joshtriplett.org, luto@kernel.org, kai.huang@intel.com, rientjes@google.com, cedric.xing@intel.com, puiterwijk@redhat.com Subject: Re: [PATCH v29 00/20] Intel SGX foundations Message-ID: <20200504093432.GA5382@wind.enjellic.com> Reply-To: "Dr. Greg" References: <20200502230510.GA28470@wind.enjellic.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.3 (wind.enjellic.com [127.0.0.1]); Mon, 04 May 2020 04:34:33 -0500 (CDT) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, May 02, 2020 at 05:48:30PM -0700, Andy Lutomirski wrote: Good morning, I hope the week is starting well for everyone. > > On May 2, 2020, at 4:05 PM, Dr. Greg wrote: > > In a nutshell, the driver needs our patch that implements > > cryptographic policy management. > > > > A patch that: > > > > 1.) Does not change the default behavior of the driver. > > > > 2.) Implements capabilities that are consistent with what the hardware > > was designed to do, but only at the discretion of the platform owner. > > > > 3.) Has no impact on the driver architecture. > > > > The only consumer for this driver are SGX runtimes. To our knowledge, > > there exist only two complete runtime implementations, Intel's and > > ours. It us unclear why our approach to the use of the technology > > should be discriminated against when it doesn't impact the other user > > community. > Can you clarify how exactly this patch set discriminates against > your stack? The driver has no provisions for implementing cryptographically based SGX policy management of any type. Our stack is extremely lightweight with no external dependencies and is used in privacy and security sensitive applications, including financial services of certain types. There is a desire in this, and other venues, to use cloud and edge resources with a strong guarantee that the platforms have only had a known set of behaviors. The current DAC based controls in the driver are insufficient to provide those guarantees. I believe I have discussed our use of SGX previously. In a nutshell, we use SGX based modeling engines to supervise kernel based behavioral namespaces, one enclave per namespace. The closest equivalent work that we have seen may be the IPE architecture advanced by Deven Bowers at Microsoft but we address a number of issues that work does not, including non-kernel based behavioral supervision. We support the concern over hardware locked platforms and do not disagree with the driver not supporting those platforms. That being said, there is no technical rationale for not providing cryptographic policy management on FLC based platforms, as I believe our patch demonstrates. Best wishes for a productive week. Dr. Greg As always, Dr. Greg Wettstein, Ph.D, Worker Artisans in autonomously Enjellic Systems Development, LLC self-defensive platforms. 4206 N. 19th Ave. Fargo, ND 58102 PH: 701-281-1686 EMAIL: greg@enjellic.com ------------------------------------------------------------------------------ "Can't they? A 64bit number incremented every millisecond can grow for half a billion years. As far as I'm concerned, that is forever." -- Neil Brown linux-raid