From: Andy Lutomirski <luto@kernel.org>
To: Sean Christopherson <sean.j.christopherson@intel.com>,
"Schaufler, Casey" <casey.schaufler@intel.com>,
James Morris <jmorris@namei.org>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
linux-sgx@vger.kernel.org, Dave Hansen <dave.hansen@intel.com>,
Cedric Xing <cedric.xing@intel.com>,
Andy Lutomirski <luto@kernel.org>,
Jethro Beekman <jethro@fortanix.com>,
"Dr . Greg Wettstein" <greg@enjellic.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
LSM List <linux-security-module@vger.kernel.org>
Subject: Re: [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Date: Mon, 15 Jul 2019 15:29:23 -0700 [thread overview]
Message-ID: <CALCETrXMAwHod_KZYPGWjTjg-fxOb1=02=Qj2g1o624wOPfPZQ@mail.gmail.com> (raw)
In-Reply-To: <20190710172553.GE4348@linux.intel.com>
On Wed, Jul 10, 2019 at 10:25 AM Sean Christopherson
<sean.j.christopherson@intel.com> wrote:
>
> On Tue, Jul 09, 2019 at 07:06:34PM +0300, Jarkko Sakkinen wrote:
> > On Mon, Jul 08, 2019 at 09:19:32AM -0700, Sean Christopherson wrote:
> > > > 2. Probably some "user story" type of examples would help with the
> > > > discussion overall [1] i.e. how one would use this for
> > > > her own good.
> > >
> > > The compelling story is Andy's original concern that userspace could
> > > circumvent existing security policies by running code in an enclave.
> > >
> > > AIUI, closing the LSM loophole is the minimal requirement to get SGX
> > > upstreamed. The extensive discussion has largely been focused on
> > > ensuring that whatever mechanism is used to close the loophole will
> > > play nice with future SGX functionality and/or LSM security policies.
> >
> > OK, might be getting here where I fall out of the wagon so:
> >
> > Doesn't Andy's example anyway require a process that has privileges to
> > make pages executable i.e. it could run arbitrary code even without an
> > enclave?
>
> Ah, no. He did raise that concern, but it'd only be an issue if the
> enclave fd were backed by an anon inode, in which case all enclaves would
> need EXECMEM in order to gain PROT_EXEC on EPC. Because the fd is backed
> /dev/sgx/enclave, userspace just needs FILE__EXECUTE on /dev/sgx/enclave.
I would say it differently: regardless of exactly how /dev/sgx/enclave
is wired up under the hood, we want a way that a process can be
granted permission to usefully run enclaves without being granted
permission to execute whatever bytes of code it wants. Preferably
without requiring LSMs to maintain some form of enclave signature
whitelist.
This is pretty much the only hard requirement I see. We really could
achieve this, in a somewhat limited form, by saying that LSMs can
approve or reject the SIGSTRUCT. But doing it that way is a bit nasty
as we've noticed, for a few reasons. Several of you have raised
objections to requiring SIGSTRUCT to come from a .sigstruct file. We
also need to worry about a SIGSTRUCT that refers to an enclave that
forgot to measure its text. And we need to worry about SGX2.
So this whole messy exercise boils down to: a bunch of security policy
authors think that EXECMEM and similar are not to be given out
lightly. How to we allow policies like that to be compatible with
SGX?
next prev parent reply other threads:[~2019-07-15 22:29 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20190617222438.2080-1-sean.j.christopherson@intel.com>
[not found] ` <20190617222438.2080-10-sean.j.christopherson@intel.com>
[not found] ` <0c4f75a0ae2fdeee6db07f3a224918f321163d56.camel@linux.intel.com>
[not found] ` <alpine.LRH.2.21.1906200702040.28119@namei.org>
2019-06-23 17:16 ` [RFC PATCH v3 09/12] LSM: x86/sgx: Introduce ->enclave_load() hook for Intel SGX Dr. Greg
2019-06-26 20:39 ` James Morris
[not found] ` <20190617222438.2080-5-sean.j.christopherson@intel.com>
[not found] ` <dc3d59c2783ea81d85d4d447bd1a4a2d5fe51421.camel@linux.intel.com>
[not found] ` <20190619152018.GC1203@linux.intel.com>
[not found] ` <20190620221702.GE20474@linux.intel.com>
[not found] ` <20190707190809.GE19593@linux.intel.com>
[not found] ` <1b7369a08e98dd08a4f8bb19b16479f12bee130f.camel@linux.intel.com>
[not found] ` <20190708161932.GE20433@linux.intel.com>
[not found] ` <20190709160634.3yupyabf5svnj4ds@linux.intel.com>
[not found] ` <20190710172553.GE4348@linux.intel.com>
2019-07-15 22:29 ` Andy Lutomirski [this message]
2019-08-01 16:38 ` [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits Jarkko Sakkinen
2019-08-04 22:20 ` Andy Lutomirski
2019-08-05 20:51 ` Jarkko Sakkinen
2019-08-05 21:30 ` Andy Lutomirski
2019-08-07 18:51 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CALCETrXMAwHod_KZYPGWjTjg-fxOb1=02=Qj2g1o624wOPfPZQ@mail.gmail.com' \
--to=luto@kernel.org \
--cc=casey.schaufler@intel.com \
--cc=cedric.xing@intel.com \
--cc=dave.hansen@intel.com \
--cc=greg@enjellic.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jethro@fortanix.com \
--cc=jmorris@namei.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-sgx@vger.kernel.org \
--cc=sds@tycho.nsa.gov \
--cc=sean.j.christopherson@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).