Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
Subject: Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
From: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
Date: Tue, 4 Jun 2019 00:08:25 +0300
Cc: Andy Lutomirski <luto@xxxxxxxxxx>, Stephen Smalley <sds@xxxxxxxxxxxxx>, "Xing, Cedric" <cedric.xing@xxxxxxxxx>, William Roberts <bill.c.roberts@xxxxxxxxx>, James Morris <jmorris@xxxxxxxxx>, "Serge E. Hallyn" <serge@xxxxxxxxxx>, LSM List <linux-security-module@xxxxxxxxxxxxxxx>, Paul Moore <paul@xxxxxxxxxxxxxx>, Eric Paris <eparis@xxxxxxxxxxxxxx>, "selinux@xxxxxxxxxxxxxxx" <selinux@xxxxxxxxxxxxxxx>, Jethro Beekman <jethro@xxxxxxxxxxxx>, "Hansen, Dave" <dave.hansen@xxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, "Dr. Greg" <greg@xxxxxxxxxxxx>, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>, LKML <linux-kernel@xxxxxxxxxxxxxxx>, X86 ML <x86@xxxxxxxxxx>, "linux-sgx@xxxxxxxxxxxxxxx" <linux-sgx@xxxxxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, "nhorman@xxxxxxxxxx" <nhorman@xxxxxxxxxx>, "npmccallum@xxxxxxxxxx" <npmccallum@xxxxxxxxxx>, "Ayoun, Serge" <serge.ayoun@xxxxxxxxx>, "Katz-zamir, Shay" <shay.katz-zamir@xxxxxxxxx>, "Huang, Haitao" <haitao.huang@xxxxxxxxx>, Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>, "Svahn, Kai" <kai.svahn@xxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Josh Triplett <josh@xxxxxxxxxxxxxxxx>, "Huang, Kai" <kai.huang@xxxxxxxxx>, David Rientjes <rientjes@xxxxxxxxxx>
In-reply-to: <20190530213601.GC27551@linux.intel.com>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
References: <960B34DE67B9E140824F1DCDEC400C0F654EB487@ORSMSX116.amr.corp.intel.com> <678a37af-797d-7bd5-a406-32548a270e3d@tycho.nsa.gov> <CALCETrWXB9fNNDH7gZxPTx05F78Og6K=ZtAr2aA++BDwY09Wbg@mail.gmail.com> <c1135352-0b5e-4694-b1a9-105876095877@tycho.nsa.gov> <CALCETrWsEXzUC33eJpGCpdMCBO4aYVviZLRD-CLMNaG5Jv-TCA@mail.gmail.com> <20190530180110.GB23930@linux.intel.com> <CALCETrX2PgUc_jetXHqp85aaS0a0jHB8E7=T1rsW+5vyRgwnUA@mail.gmail.com> <20190530211645.GB27551@linux.intel.com> <CALCETrVAoDppmdJzkpwagt3q64M-QpNajXbKGR1yQdqyofeANQ@mail.gmail.com> <20190530213601.GC27551@linux.intel.com>
User-agent: Mutt/1.10.1 (2018-07-13)

On Thu, May 30, 2019 at 02:36:01PM -0700, Sean Christopherson wrote:
> Assuming MRENCLAVE generated by Graphene or any other hosting scheme are
> stable[1], then avoiding EXEC<whatever> means the user can effectively
> whitelist what enclaves are runnable by Graphene, even if the kernel
> doesn't implement security_enclave_create/init().
> 
> I agree that it probably isn't all that important, it's more of a "why
> not" argument, i.e. what is gained by not using sigstruct as a proxy?
> 
> [1] What in the world is being attested if MRENCLAVE isn't stable?

If I've understood correctly, Graphene uses a single loader enclave
that loads the executable in.

/Jarkko

References:
- RE: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Xing, Cedric
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Stephen Smalley
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Andy Lutomirski
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Stephen Smalley
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Andy Lutomirski
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Sean Christopherson
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Andy Lutomirski
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Sean Christopherson
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Andy Lutomirski
- Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
  - From: Sean Christopherson

Prev by Date: Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
Next by Date: RE: [RFC PATCH 3/9] x86/sgx: Allow userspace to add multiple pages in single ioctl()
Previous by thread: Re: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
Next by thread: RE: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
Index(es):
- Date
- Thread

[Index of Archives] [Selinux Refpolicy] [Linux SGX] [Fedora Users] [Fedora Desktop] [Yosemite Photos] [Yosemite Camping] [Yosemite Campsites] [KDE Users] [Gnome Users]