Re: [PATCH v20 00/28] Intel SGX1 support

From: Thomas Gleixner
Date: Fri Apr 19 2019 - 17:34:58 EST

Next message: David Miller: "Re: [PATCH v2 3/3] net: ethernet: add ag71xx driver"
Previous message: Madhumitha Prabakaran: "[PATCH] Staging: rtlwifi: Replace return type"
In reply to: Jethro Beekman: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Jethro Beekman: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 19 Apr 2019, Jethro Beekman wrote:
> On 2019-04-19 14:15, Andy Lutomirski wrote:
> > With plain mmap() + mprotect(), the LSM will prevent you from making
> > memory that *was* writable executable. This is by design and SELinux
> > supports it. I donât remember the name of the associated SELinux
> > permission off the top of my head.
> >
> > If we start enforcing equivalent rules on SGX, then the current API
> > will simply not allow enclaves to be loaded â no matter how you slice
> > it, loading an enclave with the current API is indistinguishable from
> > making arbitrary data executable.
> >
> Yes this is exactly what I intended here: a very simple change that
> stops SGX from confusing LSM. Just by enforcing that everything that
> looks like a memory write (EADD, EAUG, EDBGWR, etc.) actually requires
> write permissions, reality and LSM should be on the same page.

And how so? You create writeable AND executable memory. That's a nono and
you can argue in circles, that's not going to change with any of your
proposed changes. Andy clearly made a proposal which solves it in a proper
way.

Thanks,

tglx

Next message: David Miller: "Re: [PATCH v2 3/3] net: ethernet: add ag71xx driver"
Previous message: Madhumitha Prabakaran: "[PATCH] Staging: rtlwifi: Replace return type"
In reply to: Jethro Beekman: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Jethro Beekman: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]