Re: [PATCH] selftests/x86: Fix malformed src_offset initialization

On Wed, Nov 18, 2020 at 11:37:55PM +0200, Jarkko Sakkinen wrote:

Good evening, I hope the week is going well for everyone.

> On Wed, Nov 18, 2020 at 07:04:50PM +0100, Borislav Petkov wrote:
> > On Wed, Nov 18, 2020 at 07:58:50PM +0200, Jarkko Sakkinen wrote:
> > > Duh, I sent the fix for the selftest before seeing this.
> > 
> > All good - your static key fix is queued now too. The only thing that
> > needs work now is the anon inode thing but that can come later.

> Just checking that I got this right: you want me to port my anon
> inode changes from March to be applied on top of tip and send them?

Given this issue, I would submit that you also need to consider the
patch that I sent over the weekend that unconditionally blocks
mmap/mprotect on an initialized enclave.

The issue with a noexec /dev filesystem goes on to confirm that the
page permission callback architecture, while certainly elegant, won't
work given the current architecture of the driver and the SGX hardware
itself.

The stashed page permissions are derived from the enclave permissions
set by the enclave author.  To be useful for the JIT model that Andy
described, the 'maximal' permissions would need to include WX.

Setting these types of permissions is problematic, not only from the
perspective of a noexec filesystem, which will presumably get fixed by
the anonymous inode, but it also triggers the very LSM issues that
started the re-design of all this a year ago.

> /Jarkko

Have a good evening.

As always,
Dr. Greg Wettstein, Ph.D, Worker      Autonomously self-defensive
Enjellic Systems Development, LLC     IOT platforms and edge devices.
4206 N. 19th Ave.
Fargo, ND  58102
PH: 701-281-1686                      EMAIL: greg@xxxxxxxxxxxx
------------------------------------------------------------------------------
"Opportunity is missed by most people because it is dressed in overalls
 and looks like work."
                                -- Thomas Edison


