On Fri, Mar 04, 2022 at 03:16:35AM +0200, Jarkko Sakkinen wrote: > Pre-initialization policy is meant for EADD'd pages because they are > part of the enclave identity. It's a good practice to not let touch the > permissions after initialization, and does provide guarantees to e.g. > LSM's about the enclave. > > For EAUG'd pages it should be sufficient to let mmap(), mprotect() and > SGX opcodes to control the permissions. Thus effectively disable > pre-initialization policy by setting vm_max_prot_bit and > vm_run_prot_bits to RWX. > > Cc: Reinette Chatre <reinette.chatre@xxxxxxxxx> > Cc: Nathaniel McCallum <nathaniel@xxxxxxxxxxx> > Signed-off-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx> > --- > arch/x86/kernel/cpu/sgx/encl.c | 8 +------- > 1 file changed, 1 insertion(+), 7 deletions(-) > > diff --git a/arch/x86/kernel/cpu/sgx/encl.c b/arch/x86/kernel/cpu/sgx/encl.c > index 5fe7189eac9d..17feb6fa5578 100644 > --- a/arch/x86/kernel/cpu/sgx/encl.c > +++ b/arch/x86/kernel/cpu/sgx/encl.c > @@ -200,13 +200,7 @@ static vm_fault_t sgx_encl_eaug_page(struct vm_area_struct *vma, > encl_page->desc = addr; > encl_page->encl = encl; > > - /* > - * Adding a regular page that is architecturally allowed to only > - * be created with RW permissions. > - * TBD: Interface with user space policy to support max permissions > - * of RWX. > - */ > - prot = PROT_READ | PROT_WRITE; > + prot = PROT_READ | PROT_WRITE | PROT_EXEC; > encl_page->vm_run_prot_bits = calc_vm_prot_bits(prot, 0); > encl_page->vm_max_prot_bits = encl_page->vm_run_prot_bits; > > -- > 2.35.1 > This does not break any existing ABI and at least makes the current patch set usable. BR, Jarkko
