On Tue, Sep 22, 2020 at 08:11:14AM -0700, Dave Hansen wrote: > On 9/22/20 5:58 AM, Jarkko Sakkinen wrote: > > Intel Sofware Guard eXtensions (SGX) allows creation of executable blobs > > called enclaves, of which page permissions are defined when the enclave > > "of which" => "for which" > > > is first loaded. Once an enclave is loaded and initialized, it can be > > mapped to the process address space. > > Could you compare and contrast this a *bit* with existing executables? > What's special about SGX? ELF executables have page permissions inside > the binary too. Why don't we use this mechanism for them? There is no standard file format for enclaves. They are dynamically built. And the way enclaves are used as part of an app and throwing container inside enclave differ. A single format would no work too well for all possible use cases. I cannot formally prove this of course but it is highly unlikely that we could ever define such a format. Thus, the security focus is allow to verify from origin. And the existing ecosystem around SGX is already too large to suddenly move to a single format. User base, I guess, is also an argument. This is not yet mainline code so technically we have zero ABI debt but I still think this is a valid point because SGX is already widely used. I'm not really sure what would be the best way to nail this information to the commit message but I'll try to figure out something before I send the next version of the patch set. /Jarkko
