Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp1681312ybt;
        Thu, 25 Jun 2020 11:30:31 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJx1hJa9pbMwT3jezCmBAC1JytU7rgu6VPYz+LYcMC3cHnAq0zWLmBisV6hRIobMrjui6I2x
X-Received: by 2002:a17:906:6959:: with SMTP id c25mr26419601ejs.375.1593109830835;
        Thu, 25 Jun 2020 11:30:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1593109830; cv=none;
        d=google.com; s=arc-20160816;
        b=DitvQYwlzByv/xCN+GSUFIGJv4XQavy94CCyI1EpQ9NkpcddSu9y6zgZDm9KEAQM8G
         +nK9GQ1CQNkAHPGknrjaM/MYnLHBxW5KMvc0hROrVrSm5tfXjJdpE7wZpOIJ5+U09XVU
         muwD/BcJhrmd6Py4scQU8CzdrcY2ysxIg2HkWGwP7SZlJND5eXDzB5YNtIE9GOnd+jdY
         QgcjK3QnzPq/adcW1sIQtGE0V/clAntmBSjVcd6Z8RNdvlXtF/gF+nu3KLHzH6Dfo6W/
         2ueYrTvUSLudXfcyi7UDjTqIW8PTJ8eAFqYlkTtxESSyckne3yy24t3dtf0yemMfsjIl
         eYPA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:ironport-sdr
         :dkim-signature;
        bh=TBJlsNi6EkrGTKSTk1vvF3t132dofHTu9Y2/7H6Ck1I=;
        b=oiEVK5HKxbTdDMwNXEGaEOLvBaSzTxBMknJJGZL1jPrJe8CikIU2M7Uxqbl8bH0G3G
         79+iD5vKL0ZZrEFHckHdGAYGFGf4DzZRxw6tWKKfK5jyOZB5n9wJWHgZb9WXLIk52u+H
         iGjowvswgubRfPADOggPXl789b4+c+7m1l0OC2i1TtXM5f4IQPyfS0jcDWD36cVEo05g
         2OfKB4pU/Qszr53l6GxQ0cPyc9fRwy0LXQ8xaUyRwMZKOals9CkNZNmrzakFYFaNmRGt
         E4CRixl9qpjTICeuyJ+ZB/R88TdW5M1xN+W87ezt/sFeV6t0KquOs8OzjGXWhy5ewZIx
         7WBA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=mM0ISaCR;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id p20si15138462ejg.263.2020.06.25.11.30.06;
        Thu, 25 Jun 2020 11:30:30 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=mM0ISaCR;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2405142AbgFYRhG (ORCPT <rfc822;huangleihappily@gmail.com>
        + 99 others); Thu, 25 Jun 2020 13:37:06 -0400
Received: from smtp-fw-9101.amazon.com ([207.171.184.25]:19634 "EHLO
        smtp-fw-9101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728181AbgFYRhG (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Jun 2020 13:37:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209;
  t=1593106626; x=1624642626;
  h=subject:to:cc:references:from:message-id:date:
   mime-version:in-reply-to:content-transfer-encoding;
  bh=TBJlsNi6EkrGTKSTk1vvF3t132dofHTu9Y2/7H6Ck1I=;
  b=mM0ISaCRJl3xIBatbS55nGllrYjet+cNLEH9/zDzKOxTEPyQNeURjK2a
   1MEnsN/EVHU0Zqa/6Ob6b7HByUea+/C+rU+onFqmzIoswnlnHLG+HYufG
   M0qG+uxH8I/cuoEFdlTHQK93T8SkKBkJKE0DTn41E6c6YWvJPvtcnDaLi
   w=;
IronPort-SDR: p+c4FLm88WG8ByjniKpF4JhxFLx70kr2tcWp4GyF2O8BFiQKW6LWB1r6rUjEsrvCInEJyd9M8Z
 Xp4sZOtloRlA==
X-IronPort-AV: E=Sophos;i="5.75,280,1589241600"; 
   d="scan'208";a="47011046"
Received: from sea32-co-svc-lb4-vlan3.sea.corp.amazon.com (HELO email-inbound-relay-1a-807d4a99.us-east-1.amazon.com) ([10.47.23.38])
  by smtp-border-fw-out-9101.sea19.amazon.com with ESMTP; 25 Jun 2020 17:37:01 +0000
Received: from EX13MTAUEA002.ant.amazon.com (iad55-ws-svc-p15-lb9-vlan2.iad.amazon.com [10.40.159.162])
        by email-inbound-relay-1a-807d4a99.us-east-1.amazon.com (Postfix) with ESMTPS id 769A3A1788;
        Thu, 25 Jun 2020 17:36:59 +0000 (UTC)
Received: from EX13D16EUB003.ant.amazon.com (10.43.166.99) by
 EX13MTAUEA002.ant.amazon.com (10.43.61.77) with Microsoft SMTP Server (TLS)
 id 15.0.1497.2; Thu, 25 Jun 2020 17:36:58 +0000
Received: from 38f9d34ed3b1.ant.amazon.com (10.43.162.109) by
 EX13D16EUB003.ant.amazon.com (10.43.166.99) with Microsoft SMTP Server (TLS)
 id 15.0.1497.2; Thu, 25 Jun 2020 17:36:48 +0000
Subject: Re: [PATCH v4 17/18] nitro_enclaves: Add overview documentation
To:     Stefan Hajnoczi <stefanha@redhat.com>
CC:     <linux-kernel@vger.kernel.org>,
        Anthony Liguori <aliguori@amazon.com>,
        Benjamin Herrenschmidt <benh@kernel.crashing.org>,
        Colm MacCarthaigh <colmmacc@amazon.com>,
        Bjoern Doebel <doebel@amazon.de>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Frank van der Linden <fllinden@amazon.com>,
        "Alexander Graf" <graf@amazon.de>,
        Greg KH <gregkh@linuxfoundation.org>,
        Martin Pohlack <mpohlack@amazon.de>,
        Matt Wilson <msw@amazon.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Balbir Singh <sblbir@amazon.com>,
        Stefano Garzarella <sgarzare@redhat.com>,
        Stewart Smith <trawets@amazon.com>,
        Uwe Dannowski <uwed@amazon.de>, <kvm@vger.kernel.org>,
        <ne-devel-upstream@amazon.com>
References: <20200622200329.52996-1-andraprs@amazon.com>
 <20200622200329.52996-18-andraprs@amazon.com>
 <20200623085915.GF32718@stefanha-x1.localdomain>
 <746fcd7d-5946-35ec-6471-8bf8dccdf400@amazon.com>
 <20200625131020.GD221479@stefanha-x1.localdomain>
From:   "Paraschiv, Andra-Irina" <andraprs@amazon.com>
Message-ID: <e37f9647-3a29-5619-4c90-26a24dde6a65@amazon.com>
Date:   Thu, 25 Jun 2020 20:36:38 +0300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:68.0)
 Gecko/20100101 Thunderbird/68.9.0
MIME-Version: 1.0
In-Reply-To: <20200625131020.GD221479@stefanha-x1.localdomain>
Content-Language: en-US
X-Originating-IP: [10.43.162.109]
X-ClientProxiedBy: EX13D10UWB001.ant.amazon.com (10.43.161.111) To
 EX13D16EUB003.ant.amazon.com (10.43.166.99)
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: quoted-printable
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 25/06/2020 16:10, Stefan Hajnoczi wrote:
> On Wed, Jun 24, 2020 at 05:39:39PM +0300, Paraschiv, Andra-Irina wrote:
>>
>> On 23/06/2020 11:59, Stefan Hajnoczi wrote:
>>> On Mon, Jun 22, 2020 at 11:03:28PM +0300, Andra Paraschiv wrote:
>>>> +The kernel bzImage, the kernel command line, the ramdisk(s) are part =
of the
>>>> +Enclave Image Format (EIF); plus an EIF header including metadata suc=
h as magic
>>>> +number, eif version, image size and CRC.
>>>> +
>>>> +Hash values are computed for the entire enclave image (EIF), the kern=
el and
>>>> +ramdisk(s). That's used, for example, to check that the enclave image=
 that is
>>>> +loaded in the enclave VM is the one that was intended to be run.
>>>> +
>>>> +These crypto measurements are included in a signed attestation docume=
nt
>>>> +generated by the Nitro Hypervisor and further used to prove the ident=
ity of the
>>>> +enclave; KMS is an example of service that NE is integrated with and =
that checks
>>>> +the attestation doc.
>>>> +
>>>> +The enclave image (EIF) is loaded in the enclave memory at offset 8 M=
iB. The
>>>> +init process in the enclave connects to the vsock CID of the primary =
VM and a
>>>> +predefined port - 9000 - to send a heartbeat value - 0xb7. This mecha=
nism is
>>>> +used to check in the primary VM that the enclave has booted.
>>>> +
>>>> +If the enclave VM crashes or gracefully exits, an interrupt event is =
received by
>>>> +the NE driver. This event is sent further to the user space enclave p=
rocess
>>>> +running in the primary VM via a poll notification mechanism. Then the=
 user space
>>>> +enclave process can exit.
>>>> +
>>>> +[1] https://aws.amazon.com/ec2/nitro/nitro-enclaves/
>>>> +[2] https://www.kernel.org/doc/Documentation/vm/hugetlbpage.txt
>>>> +[3] https://lwn.net/Articles/807108/
>>>> +[4] https://www.kernel.org/doc/html/latest/admin-guide/kernel-paramet=
ers.html
>>>> +[5] https://man7.org/linux/man-pages/man7/vsock.7.html
>>> Is the EIF specification and the attestation protocol available?
>> For now, they are not publicly available. Once the refs are available (e=
.g.
>> AWS documentation, GitHub documentation), I'll include them in the kernel
>> documentation as well.
>>
>> As a note here, the NE project is currently in preview
>> (https://aws.amazon.com/ec2/nitro/nitro-enclaves/) and part of the
>> documentation / codebase will be publicly available when NE is generally
>> available (GA). This will be in addition to the ones already publicly
>> available, like the NE kernel driver.
>>
>> Let me know if I can help with any particular questions / clarifications.
> Thanks!

You are welcome.

Andra



Amazon Development Center (Romania) S.R.L. registered office: 27A Sf. Lazar=
 Street, UBC5, floor 2, Iasi, Iasi County, 700045, Romania. Registered in R=
omania. Registration number J22/2621/2005.