On Mon, May 03, 2021 at 09:39:05AM -0700, Dave Hansen wrote:
On 5/3/21 8:41 AM, Jarkko Sakkinen wrote:
$ ls -l /dev/sgx_enclave crw------- 1 dave dave 10, 125 Apr 28 11:32 /dev/sgx_enclave $ ./test_sgx 0x0000000000000000 0x0000000000002000 0x03 0x0000000000002000 0x0000000000001000 0x05 0x0000000000003000 0x0000000000003000 0x03 SUCCESS
*But*, is that OK? Should we be happily creating a PROT_EXEC mapping on a ugo-x file? Why were we respecting noexec on the filesystem but not ugo-x on the file?
Yeah, this supports my earlier response:
"EPERM The prot argument asks for PROT_EXEC but the mapped area belongs to a file on a filesystem that was mounted no-exec." https://man7.org/linux/man-pages/man2/mmap.2.html
I guess the right model is to think just as "anonymous memory" with equivalent access control semantics after succesfully opened for read and write.
I guess I'll answer my own question: The "x" bit on file permissions really only controls the ability for the file to be execve()'d, but has no bearing on the ability for an executable *mapping* to be created. This is existing VFS behavior and is not specific to SGX.
Yeah, that's nicely put it into one sentence :-)
I think I'll just send a patch to pull that warning out.
/Jarkko