On Fri, May 22, 2020 at 09:13:26AM -0700, Sean Christopherson wrote: > On Fri, May 22, 2020 at 06:54:05PM +0300, Jarkko Sakkinen wrote: > > On Wed, May 20, 2020 at 08:47:45PM +0200, Borislav Petkov wrote: > > > On Fri, May 15, 2020 at 03:43:54AM +0300, Jarkko Sakkinen wrote: > > > > +/** > > > > + * struct sgx_sigstruct_header - defines author of the enclave > > > > + * @header1: constant byte string > > > > + * @vendor: must be either 0x0000 or 0x8086 > > > > > > Out of pure curiosity: what is that about? > > > > > > Nothing in the patchset enforces this, so hw does? If so, why? > > > > > > Are those vendor IDs going to be assigned by someone or what's up? > > > > > > Thx. > > > > In SGX1 world 0x8086 was used to mark architectural enclaves and 0x0000 > > user run enclaves. In SGX2 world they are irrelevant. > > That's not accurate, the vendor is irrelevant in all SGX eras, e.g. enclaves > signed by someone other than Intel can use 0x8086 on SGX1 hardware and even > pre-LC hardware. 0x8086 is/was used as an _informal_ "this is an > Intel-signed enclave", but in no way was it mandatory or reliable. > > > In order to retain compatiblity I'd add an explicit check to: > > > > 1. Allow vendor ID of 0x0000 or 0x8086. > > 2. Reject other vendor ID's (-EINVAL). > > Unless we also check the reserved fields in sigstruct, I don't see the > point. Even then, I don't understand what the kernel gains from enforcing > anything with respect to sigstruct. Enforcing the SECS makes sense as we > don't want to allow userspace to enable some unknown future feature. But > sigstruct is purely for verification, we (Intel) have far bigger problems > if Intel is enabling new behavior via sigstruct. > > That being said, I'm not dead set against sanity checking sigstruct, I just > think it'd be a waste of cycles. If other values except two are never going to be used it is more than a legit point to validate this field. It also the potential to use ~0x8086 bits to be defined later if ever needed lets say for some kernel specific purpose. /Jarkko
