From: Andy Lutomirski <luto@kernel.org>
To: npmccallum@redhat.com
Cc: nhorman@redhat.com, "Christopherson,
Sean J" <sean.j.christopherson@intel.com>,
Jethro Beekman <jethro@fortanix.com>,
Andrew Lutomirski <luto@kernel.org>,
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
X86 ML <x86@kernel.org>,
Platform Driver <platform-driver-x86@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
Ingo Molnar <mingo@redhat.com>,
intel-sgx-kernel-dev@lists.01.org,
"H. Peter Anvin" <hpa@zytor.com>,
Darren Hart <dvhart@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
andy@infradead.org, Peter Jones <pjones@redhat.com>
Subject: Re: [intel-sgx-kernel-dev] [PATCH v11 13/13] intel_sgx: in-kernel launch enclave
Date: Thu, 21 Jun 2018 15:48:49 -0700 [thread overview]
Message-ID: <CALCETrVCVeen+foJbW-yXgg2ivkPNmUx31tPT8rV4cYOAqcSfQ@mail.gmail.com> (raw)
In-Reply-To: <CAOASepOPxte6aDHQB2dsd+VMPqWOuZZH4j8OKoqaHZ2cBsc38g@mail.gmail.com>
On Thu, Jun 21, 2018 at 12:11 PM Nathaniel McCallum
<npmccallum@redhat.com> wrote:
>
> If this is acceptable for everyone, my hope is the following:
>
> 1. Intel would split the existing code into one of the following
> schemas (I don't care which):
> A. three parts: UEFI module, FLC-only kernel driver and user-space
> launch enclave
> B. two parts: UEFI module (including launch enclave) and FLC-only
> kernel driver
>
> 2. Intel would release a reproducible build of the GPL UEFI module
> sources signed with a SecureBoot trusted key and provide an
> acceptable[0] binary redistribution license.
>
> 3. The kernel community would agree to merge the kernel driver given
> the above criteria (and, obviously, acceptable kernel code).
>
> The question of how to distribute the UEFI module and possible launch
> enclave remains open. I see two options: independent distribution and
> bundling it in linux-firmware. The former may be a better
> technological fit since the UEFI module will likely need to be run
> before the kernel (and the boot loader; and shim). However, the latter
> has the benefit of already being a well-known entity to our downstream
> distributors. I could go either way on this.
This is a lot of complication and effort for a gain that is not
entirely clear. I really really really do *not* want to see Intel or
anyone else start enforcing policy on which programs can and cannot
run using this mechanism. (This is exactly why non-FLC systems aren't
about to be supported upstream.) So my preference is to not merge
anything that supports this type of use case unless there is
compelling evidence that it is (a) genuinely useful, (b) will be used
to improve security and (c) won't be abused for, say, revenue
purposes.
--Andy
next prev parent reply other threads:[~2018-06-21 22:49 UTC|newest]
Thread overview: 181+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-08 17:09 [PATCH v11 00/13] Intel SGX1 support Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 01/13] compiler.h, kasan: add __SANITIZE_ADDRESS__ check for __no_kasan_or_inline Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 02/13] x86, sgx: updated MAINTAINERS Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 03/13] x86, sgx: add SGX definitions to cpufeature Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 04/13] x86, sgx: add SGX definitions to msr-index.h Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:25 ` Dave Hansen
2018-06-19 13:18 ` Jarkko Sakkinen
2018-06-19 13:18 ` Jarkko Sakkinen
2018-06-19 14:01 ` Dave Hansen
2018-06-19 14:01 ` Dave Hansen
2018-06-21 17:22 ` Jarkko Sakkinen
2018-06-21 17:22 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 05/13] x86, cpufeatures: add Intel-defined SGX leaf CPUID_12_EAX Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 06/13] crypto: aesni: add minimal build option for SGX LE Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:27 ` Dave Hansen
2018-06-11 15:24 ` Sean Christopherson
2018-06-08 17:09 ` [PATCH v11 07/13] x86, sgx: detect Intel SGX Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:36 ` Dave Hansen
2018-06-18 21:36 ` [intel-sgx-kernel-dev] " Andy Lutomirski
2018-06-25 7:39 ` Jarkko Sakkinen
2018-06-19 13:33 ` Jarkko Sakkinen
2018-06-19 13:33 ` Jarkko Sakkinen
2018-06-11 11:35 ` Neil Horman
2018-06-19 13:34 ` Jarkko Sakkinen
2018-06-19 13:34 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 08/13] x86, sgx: added ENCLS wrappers Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:43 ` Dave Hansen
2018-06-19 13:25 ` Jarkko Sakkinen
2018-06-19 13:25 ` Jarkko Sakkinen
2018-06-20 13:12 ` Sean Christopherson
2018-06-20 13:12 ` Sean Christopherson
2018-06-25 9:16 ` Jarkko Sakkinen
2018-06-25 9:16 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 09/13] x86, sgx: basic routines for enclave page cache Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 18:21 ` Jethro Beekman
2018-06-18 21:33 ` [intel-sgx-kernel-dev] " Andy Lutomirski
2018-06-25 7:36 ` Jarkko Sakkinen
2018-06-19 14:08 ` Jarkko Sakkinen
2018-06-19 14:08 ` Jarkko Sakkinen
2018-06-19 15:44 ` Jethro Beekman
2018-06-19 15:44 ` Jethro Beekman
2018-06-08 18:24 ` Dave Hansen
2018-06-19 14:57 ` Jarkko Sakkinen
2018-06-19 14:57 ` Jarkko Sakkinen
2018-06-19 15:19 ` Neil Horman
2018-06-19 15:19 ` Neil Horman
2018-06-19 15:32 ` Dave Hansen
2018-06-19 15:32 ` Dave Hansen
2018-06-25 9:01 ` Jarkko Sakkinen
2018-06-25 9:01 ` Jarkko Sakkinen
2018-06-19 15:59 ` Sean Christopherson
2018-06-19 15:59 ` Sean Christopherson
2018-06-25 9:14 ` Jarkko Sakkinen
2018-06-25 9:14 ` Jarkko Sakkinen
2018-06-10 5:32 ` [intel-sgx-kernel-dev] " Andy Lutomirski
2018-06-11 15:12 ` Sean Christopherson
2018-06-20 13:21 ` Sean Christopherson
2018-06-20 13:21 ` Sean Christopherson
2018-06-25 9:21 ` Jarkko Sakkinen
2018-06-25 9:21 ` Jarkko Sakkinen
2018-06-25 16:14 ` Neil Horman
2018-06-25 16:14 ` Neil Horman
2018-06-20 15:26 ` Sean Christopherson
2018-06-20 15:26 ` Sean Christopherson
2018-06-25 9:21 ` Jarkko Sakkinen
2018-06-25 9:21 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 10/13] intel_sgx: driver for Intel Software Guard Extensions Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 19:35 ` Dave Hansen
2018-06-19 13:29 ` Jarkko Sakkinen
2018-06-19 13:29 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 11/13] intel_sgx: ptrace() support Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 18:34 ` Dave Hansen
2018-06-11 15:02 ` Sean Christopherson
2018-06-19 13:38 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 12/13] intel_sgx: driver documentation Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 18:32 ` Jethro Beekman
2018-06-19 13:30 ` Jarkko Sakkinen
2018-06-19 13:30 ` Jarkko Sakkinen
2018-06-08 21:41 ` Randy Dunlap
2018-06-08 21:41 ` Randy Dunlap
2018-06-19 13:31 ` Jarkko Sakkinen
2018-06-19 13:31 ` Jarkko Sakkinen
2018-06-08 17:09 ` [PATCH v11 13/13] intel_sgx: in-kernel launch enclave Jarkko Sakkinen
2018-06-08 17:09 ` Jarkko Sakkinen
2018-06-08 18:50 ` [intel-sgx-kernel-dev] " Andy Lutomirski
2018-06-19 15:05 ` Jarkko Sakkinen
2018-06-10 5:39 ` Andy Lutomirski
2018-06-11 5:17 ` Andy Lutomirski
2018-06-11 11:52 ` Neil Horman
2018-06-12 4:55 ` Andy Lutomirski
2018-06-12 17:45 ` Neil Horman
2018-06-18 21:58 ` Andy Lutomirski
2018-06-19 13:17 ` Neil Horman
2018-06-20 16:28 ` Nathaniel McCallum
2018-06-20 18:16 ` Jethro Beekman
2018-06-20 18:39 ` Jethro Beekman
2018-06-20 21:01 ` Sean Christopherson
2018-06-21 12:32 ` Nathaniel McCallum
2018-06-21 15:29 ` Neil Horman
2018-06-21 19:11 ` Nathaniel McCallum
2018-06-21 21:20 ` Sean Christopherson
2018-06-25 21:00 ` Nathaniel McCallum
2018-06-25 22:35 ` Sean Christopherson
2018-06-21 22:48 ` Andy Lutomirski [this message]
2018-06-25 21:06 ` Nathaniel McCallum
2018-06-25 23:40 ` Andy Lutomirski
2018-06-25 9:41 ` Jarkko Sakkinen
2018-06-25 15:45 ` Andy Lutomirski
2018-06-25 21:28 ` Nathaniel McCallum
2018-06-26 8:43 ` Jarkko Sakkinen
2018-06-26 15:01 ` Nathaniel McCallum
2018-06-27 15:31 ` Jarkko Sakkinen
2018-06-21 12:12 ` Nathaniel McCallum
2018-06-25 9:27 ` Jarkko Sakkinen
2018-06-25 21:26 ` Nathaniel McCallum
2018-06-20 7:23 ` Jarkko Sakkinen
2018-06-12 10:50 ` [PATCH v11 00/13] Intel SGX1 support Pavel Machek
2018-06-12 10:50 ` Pavel Machek
2018-06-19 14:59 ` Jarkko Sakkinen
2018-06-19 14:59 ` Jarkko Sakkinen
2018-06-19 14:59 ` Jarkko Sakkinen
2018-06-19 20:04 ` Pavel Machek
2018-06-19 20:04 ` Pavel Machek
2018-06-19 20:23 ` Peter Zijlstra
2018-06-19 20:23 ` Peter Zijlstra
2018-06-19 20:23 ` Peter Zijlstra
2018-06-19 20:23 ` Peter Zijlstra
2018-06-19 21:48 ` Josh Triplett
2018-06-19 21:48 ` Josh Triplett
2018-06-19 21:48 ` Josh Triplett
2018-06-19 21:48 ` Josh Triplett
2018-12-09 20:06 ` Pavel Machek
2018-12-09 20:06 ` Pavel Machek
2018-12-09 20:06 ` Pavel Machek
2018-12-09 20:06 ` Pavel Machek
2018-12-10 7:47 ` Josh Triplett
2018-12-10 7:47 ` Josh Triplett
2018-12-10 7:47 ` Josh Triplett
2018-12-10 7:47 ` Josh Triplett
2018-12-10 8:27 ` Pavel Machek
2018-12-10 8:27 ` Pavel Machek
2018-12-10 8:27 ` Pavel Machek
2018-12-10 8:27 ` Pavel Machek
2018-12-10 23:12 ` Josh Triplett
2018-12-10 23:12 ` Josh Triplett
2018-12-10 23:12 ` Josh Triplett
2018-12-10 23:12 ` Josh Triplett
2018-12-11 18:10 ` Dave Hansen
2018-12-11 18:10 ` Dave Hansen
2018-12-11 18:10 ` Dave Hansen
2018-12-11 18:10 ` Dave Hansen
2018-12-11 18:31 ` Sean Christopherson
2018-12-11 18:31 ` Sean Christopherson
2018-12-11 18:31 ` Sean Christopherson
2018-12-11 18:31 ` Sean Christopherson
2018-06-19 20:36 ` Peter Zijlstra
2018-06-19 20:36 ` Peter Zijlstra
2018-06-19 20:36 ` Peter Zijlstra
2018-06-19 20:36 ` Peter Zijlstra
2018-06-21 12:55 ` Ingo Molnar
2018-06-21 12:55 ` Ingo Molnar
2018-06-21 12:55 ` Ingo Molnar
2018-06-25 9:44 ` Jarkko Sakkinen
2018-06-25 9:44 ` Jarkko Sakkinen
2018-06-25 9:44 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALCETrVCVeen+foJbW-yXgg2ivkPNmUx31tPT8rV4cYOAqcSfQ@mail.gmail.com \
--to=luto@kernel.org \
--cc=andy@infradead.org \
--cc=dvhart@infradead.org \
--cc=hpa@zytor.com \
--cc=intel-sgx-kernel-dev@lists.01.org \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jethro@fortanix.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=nhorman@redhat.com \
--cc=npmccallum@redhat.com \
--cc=pjones@redhat.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=sean.j.christopherson@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.