On Fri, May 24, 2019 at 12:13 PM Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote:
>
> On Fri, May 24, 2019 at 11:34:32AM -0700, Xing, Cedric wrote:
> > > From: linux-sgx-owner@xxxxxxxxxxxxxxx [mailto:linux-sgx-owner@xxxxxxxxxxxxxxx] On Behalf Of Sean Christopherson
> > > Sent: Friday, May 24, 2019 10:55 AM
>
> I don't see a fundamental difference between having RWX in an enclave and
> RWX in normal memory, either way the process can execute arbitrary code,
> i.e. PROCESS__EXECMEM is appropriate. Yes, an enclave will #UD on certain
> instructions, but that's easily sidestepped by having a trampoline in the
> host (marked RX) and piping arbitrary code into the enclave. Or using
> EEXIT to do a bit of ROP.

There's a difference, albeit a somewhat weak one, if sigstructs are
whitelisted. FILE__EXECMOD on either /dev/sgx/enclave or on the sigstruct
is not an entirely crazy way to express this.