On Wed, Aug 11, 2021 at 11:27:13AM +1200, Kai Huang wrote:
> On Wed, 11 Aug 2021 01:56:27 +0300 Jarkko Sakkinen wrote:
> > When /dev/sgx_vepc for KVM was added, the initialization was relaxed so
> > that this file can be accessed even when the driver is disabled.
> >
> > Deregister /dev/sgx_provision when the driver is disabled, because it is
> > only useful for the driver.
>
> Hi Jarkko,
>
> This is not true. KVM also uses /dev/sgx_provision to restrict enclaves in a guest
> from accessing the provisioning key. Specifically, in order to allow a guest enclave
> to be able to use the provisioning key, when one VM is created, Qemu must have
> permission to open /dev/sgx_provision, and pass the fd as a parameter to
> KVM_CAP_SGX_ATTRIBUTE.
>
> Please see the KVM API below:
>
> 7.25 KVM_CAP_SGX_ATTRIBUTE
> --------------------------
>
> :Architectures: x86
> :Target: VM
> :Parameters: args[0] is a file handle of a SGX attribute file in securityfs
> :Returns: 0 on success, -EINVAL if the file handle is invalid or if a requested
>           attribute is not supported by KVM.
>
> KVM_CAP_SGX_ATTRIBUTE enables a userspace VMM to grant a VM access to one or
> more privileged enclave attributes. args[0] must hold a file handle to a valid
> SGX attribute file corresponding to an attribute that is supported/restricted
> by KVM (currently only PROVISIONKEY).
>
> The SGX subsystem restricts access to a subset of enclave attributes to provide
> additional security for an uncompromised kernel, e.g. use of the PROVISIONKEY
> is restricted to deter malware from using the PROVISIONKEY to obtain a stable
> system fingerprint. To prevent userspace from circumventing such restrictions
> by running an enclave in a VM, KVM prevents access to privileged attributes by
> default.

OK, I was not aware of this.

/Jarkko
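The sequence Kai describes, as an added example that is not part of the thread and not QEMU's or the kernel's own code: the VMM opens /dev/sgx_provision and hands the resulting fd to KVM through KVM_ENABLE_CAP with KVM_CAP_SGX_ATTRIBUTE. The enforcement point is the open() itself; a VMM whose credentials cannot open the securityfs file has no fd to pass, so guest enclaves keep the default PROVISIONKEY restriction. Function names and the fallback value for KVM_CAP_SGX_ATTRIBUTE (the one in linux/kvm.h, for headers that predate it) are assumptions of this example; `struct kvm_enable_cap`, KVM_ENABLE_CAP and KVM_CREATE_VM are the real uapi.

```c
/* Added example: granting a guest the PROVISIONKEY enclave attribute via
 * KVM_CAP_SGX_ATTRIBUTE. Not from the thread; function names are our own. */
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <linux/kvm.h>

#ifndef KVM_CAP_SGX_ATTRIBUTE
#define KVM_CAP_SGX_ATTRIBUTE 196 /* value from linux/kvm.h; fallback for old headers */
#endif

#define SGX_PROVISION_PATH "/dev/sgx_provision"

/* Open the securityfs attribute file the thread refers to.
 * Returns the fd, or -errno when it is missing or permission is denied. */
int open_sgx_provision(void)
{
    int fd = open(SGX_PROVISION_PATH, O_RDONLY);
    return fd < 0 ? -errno : fd;
}

/* Build the KVM_ENABLE_CAP argument: the capability id, with the
 * attribute fd in args[0] exactly as the API text specifies. */
struct kvm_enable_cap build_sgx_attribute_cap(int attr_fd)
{
    struct kvm_enable_cap cap;
    memset(&cap, 0, sizeof(cap));
    cap.cap = KVM_CAP_SGX_ATTRIBUTE;
    cap.args[0] = (uint64_t)attr_fd;
    return cap;
}

/* Ask KVM to allow PROVISIONKEY for the VM behind vm_fd.
 * Returns 0 on success or -errno (e.g. -EINVAL if the fd is not a valid
 * SGX attribute file, -EBADF if vm_fd itself is not open). */
int grant_provisionkey(int vm_fd, int attr_fd)
{
    struct kvm_enable_cap cap = build_sgx_attribute_cap(attr_fd);
    if (ioctl(vm_fd, KVM_ENABLE_CAP, &cap) < 0)
        return -errno;
    return 0;
}

int main(void)
{
    int attr_fd = open_sgx_provision();
    if (attr_fd < 0) {
        /* Expected on hosts without SGX, or when this process lacks the
         * permission: the guest simply keeps PROVISIONKEY restricted. */
        fprintf(stderr, "cannot open %s: %s; PROVISIONKEY stays restricted\n",
                SGX_PROVISION_PATH, strerror(-attr_fd));
        return 1;
    }

    int kvm = open("/dev/kvm", O_RDWR);
    int vm_fd = kvm < 0 ? -errno : ioctl(kvm, KVM_CREATE_VM, 0);
    if (vm_fd < 0) {
        fprintf(stderr, "cannot create VM: %s\n", strerror(-vm_fd));
        close(attr_fd);
        return 1;
    }

    int rc = grant_provisionkey(vm_fd, attr_fd);
    printf("KVM_CAP_SGX_ATTRIBUTE: %s\n", rc == 0 ? "granted" : strerror(-rc));
    close(vm_fd);
    close(kvm);
    close(attr_fd); /* the fd may be closed once KVM has consumed it */
    return rc == 0 ? 0 : 1;
}
```

Running this as an unprivileged user on a host where /dev/sgx_provision is root-only shows the restriction from the VMM's side: open() fails with EACCES and no capability is enabled, which is the behaviour Kai's point relies on.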