On Wed, Nov 18, 2020 at 07:39:50PM -0600, Haitao Huang wrote: Good morning, I hope the week is ending well for everyone. > On Mon, 16 Nov 2020 12:00:23 -0600, Dr. Greg <greg@xxxxxxxxxxxx> wrote: > > >On Thu, Nov 12, 2020 at 02:41:00PM -0800, Andy Lutomirski wrote: > >>It certainly prevents any scheme in which an enclave coordinates > >>with the outside world to do W-and-then-X JIT inside. I'm also not > >>convinced it has any real effect at all unless there's some magic I > >>missed to prevent someone from using mmap(2) to effectively change > >>permissions. > > > >The patch that I posted yesterday addresses the security issue for > >both mmap and mprotect by trapping the permission change request at > >the level of the sgx_encl_may_map() function. > > > >With respect to the W-and-then-X JIT issue, the stated purpose of the > >driver is to implement basic SGX functionality, which is SGX1 > >semantics, it has been stated formally for a year by the developers > >themselves that they are not entertaining a driver that addresses any > >of the issues associated with non-static memory permissions. > The JIT issue is applicable even to SGX1 platforms. We can do EADD > with EPCM.RWX in sec_info and with PTE.RW, EINIT, then mprotect to > set PTE.RX when JIT is done. Correct, which further underscores the point that I am trying make, it is unclear what the current mmap/mprotect protection architecture is accomplishing, since it only enforces EPCM permissions. The hardware is perfectly capable of doing so without assistance from the operating system, in fact, the very reason it was designed was to provide protections in the face of an adversarial operating system. For precisely one year, as of next week, we have engaged in a re-design of this driver, driven by the concern that the previous driver allowed execution of code that bypassed the LSM. So I'm assuming the community has concerns about the possibility of anonymous code execution. If this is the case, the mmap/mprotect protection code in the driver should be implementing some type of control over the execution of anonymous memory, which our patch implements, very simply and very understandably. The other straight forward alternative is a knob that tells the driver to disallow the addition of any page that attempts to set EPCM.XW permissions. As always, corrections gladly accepted if our analysis of the driver or how the hardware itself works is incorrect. > Haitao Have a good weekend. Dr. Greg As always, Dr. Greg Wettstein, Ph.D, Worker Autonomously self-defensive Enjellic Systems Development, LLC IOT platforms and edge devices. 4206 N. 19th Ave. Fargo, ND 58102 PH: 701-281-1686 EMAIL: greg@xxxxxxxxxxxx ------------------------------------------------------------------------------ "My second remark is that our intellectual powers are rather geared to master static relations and that our powers to visualize processes evolving in time are relatively poorly developed." -- Edsger W. Dijkstra