On 9/14/19 6:41 AM, Jarkko Sakkinen wrote: > > The proposed LSM hooks give the granularity to make yes/no decision > based on the > > * The origin of the source of the source for the enclave. > * The requested permissions for the added or mapped peage. > > The hooks to do these checks are provided for mmap() and EADD > operations. > > With just file permissions you can still limit mmap() by having a > privileged process to build the enclaves and pass the file descriptor > to the enclave user who can mmap() the enclave within the constraints > set by the enclave pages (their permissions refine the roof that you > can mmap() any memory range within an enclave). The LSM hooks are presumably fixing a problem that these patches introduce. What's that problem?
