On Mon, Dec 24, 2018 at 05:36:36AM +0000, Jethro Beekman wrote:
> On 2018-12-22 04:41, Jarkko Sakkinen wrote:
> > In order to provide a mechanism for devilering provisoning rights:
> >
> > 1. Add a new file to the securityfs file called sgx/provision that works
> > as a token for allowing an enclave to have the provisioning privileges.
> > 2. Add a new ioctl called SGX_IOC_ENCLAVE_SET_ATTRIBUTE that accepts the
> > following data structure:
> >
> > struct sgx_enclave_set_attribute {
> > __u64 addr;
> > __u64 token_fd;
> > };
> >
> > A daemon could sit on top of sgx/provision and send a file descriptor of
> > this file to a process that needs to be able to provision enclaves.
> >
> > The way this API is used is more or less straight-forward. Lets assume that
> > dev_fd is a handle to /dev/sgx and prov_fd is a handle to sgx/provision.
> > You would allow SGX_IOC_ENCLAVE_CREATE to initialize an enclave with the
> > PROVISIONKEY attribute by
> >
> > params.addr = <enclave address>;
> > params.token_fd = prov_fd;
> >
> > ioctl(dev_fd, SGX_IOC_ENCLAVE_SET_ATTRIBUTE, ¶ms);
>
> I think the attribute handling in this and the previous patch doesn't work.
> How am I supposed to call this ioctl between sgx_encl_alloc and
> sgx_encl_create in sgx_ioc_enclave_create? Even if I somehow manage to call
> this, how is secs->attributes getting set? How do I unset SGX_ATTR_DEBUG?
encl->attributes was previously unused (noticed when I wrote this
patch). It is actually a mask for allowed attributes that is checked
on EINIT. Should rename the variable, yes.
/Jarkko
