On Thu, Feb 20, 2020 at 04:11:04PM -0800, Jordan Hand wrote: > On 2/20/20 2:16 PM, Jarkko Sakkinen wrote: > > On Thu, Feb 20, 2020 at 10:48:42AM -0800, Sean Christopherson wrote: > >> My biggest concern for allowing PROT_EXEC if RIE is that it would result > >> in #PF(SGX) (#GP on Skylake) due to an EPCM violation if the enclave > >> actually tried to execute from such a page. This isn't a problem for the > >> kernel as the fault will be reported cleanly through the vDSO (or get > >> delivered as a SIGSEGV if the enclave isn't entered through the vDSO), but > >> it's a bit weird for userspace as userspace will see the #PF(SGX) and > >> likely assume the EPC was lost, e.g. silently restart the enclave instead > >> of logging an error that the enclave is broken. > > > > I think right way to fix the current implementation is to -EACCES mmap() > > (and mprotect) when !!(current->personality & READ_IMPLIES_EXEC). > > > > I agree. It still means userspace code with an executable stack can't > mmap/mprotect enclave pages and request PROT_READ but the check you've > proposed would more consistently enforce this which is easier to > understand from userspace perspective. Thank you. Your observation was really important because having half working RIE support hanging around would only have potential to cause unnecessary maintenance burden. It would even make adding a legit RIE support later on somewhat more difficult. I updated the commit under discussion in my tree [*] with a fix that adds the following to the beginning of sgx_encl_may_map(): /* * Disallow RIE tasks as their VMA permissions might conflict with the * enclave page permissions. */ if (!!(current->personality & READ_IMPLIES_EXEC)) return -EACCES; [*] https://github.com/jsakkine-intel/linux-sgx.git /Jarkko
