From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CDA83C74A54 for ; Thu, 11 Jul 2019 15:12:47 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id B108521019 for ; Thu, 11 Jul 2019 15:12:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728993AbfGKPMr (ORCPT ); Thu, 11 Jul 2019 11:12:47 -0400 Received: from mga06.intel.com ([134.134.136.31]:18092 "EHLO mga06.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726016AbfGKPMq (ORCPT ); Thu, 11 Jul 2019 11:12:46 -0400 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Jul 2019 08:12:46 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.63,479,1557212400"; d="scan'208";a="341408588" Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.165]) by orsmga005.jf.intel.com with ESMTP; 11 Jul 2019 08:12:46 -0700 Date: Thu, 11 Jul 2019 08:12:46 -0700 From: Sean Christopherson To: Stephen Smalley Cc: "Xing, Cedric" , Casey Schaufler , linux-sgx@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, James Morris Subject: Re: [RFC PATCH v3 3/4] X86/sgx: Introduce EMA as a new LSM module Message-ID: <20190711151245.GD7645@linux.intel.com> References: <41e1a1a2f66226d88d45675434eb34dde5d0f50d.1562542383.git.cedric.xing@intel.com> <1f5b5fc1-9a95-9748-f9dc-0486c6ae30d8@intel.com> <34552999-160e-4f60-8d7e-37f51c895ef4@schaufler-ca.com> <4c3e21dd-8890-e3cb-0db7-c154ac7201e1@tycho.nsa.gov> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4c3e21dd-8890-e3cb-0db7-c154ac7201e1@tycho.nsa.gov> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org On Thu, Jul 11, 2019 at 09:51:19AM -0400, Stephen Smalley wrote: > I'd also feel better if there was clear consensus among all of the > @intel.com participants that this is the right approach. To date that has > seemed elusive. That's a very kind way to phrase things :-) For initial upstreaming, we've agreed that there is no need to extend the uapi, i.e. we can punt on deciding between on-the-fly tracking and having userspace specify maximal permissions until we add SGX2 support. The last open (knock on wood) for initial upstreaming is whether SELinux would prefer to have new enclave specific permissions or reuse the existing PROCESS__EXECMEM, FILE__EXECUTE and FILE__EXECMOD permissions. My understanding is that enclave specific permissions are preferred.