On Wed, Nov 18, 2020 at 11:37:55PM +0200, Jarkko Sakkinen wrote:
Good evening, I hope the week is going well for everyone.
On Wed, Nov 18, 2020 at 07:04:50PM +0100, Borislav Petkov wrote:
On Wed, Nov 18, 2020 at 07:58:50PM +0200, Jarkko Sakkinen wrote:
Duh, I sent the fix for the selftest before seeing this.
All, good - your static key fix is queued now too. The only thing that's needs work now is the anon inode thing but that can come later.
Just checking that I got this right: you want me to port my anon inode changes from March to be applied on top of tip and send them?
Given this issue, I would submit that you also need to consider the patch that I sent over the weekend that unconditionally blocks mmap/mprotect on an initialized enclave.
The issue with a noexec /dev filesystem goes on to confirm that the page permission callback architecture, while certainly elegant, won't work given the current architecture of the driver and the SGX hardware itself.
The stashed page permissions are derived from the enclave permissions set by the enclave author. To be useful for the JIT model that Andy described, the 'maximal' permissions would need to include WX.
Setting these types of permissions is problematic, not only from the perspective of a noexec filesystem, which will presumably get fixed by the anonymous inode, but it also triggers the very LSM issues that started the re-design of all this a year ago.
/Jarkko
Have a good evening.
As always, Dr. Greg Wettstein, Ph.D, Worker Autonomously self-defensive Enjellic Systems Development, LLC IOT platforms and edge devices. 4206 N. 19th Ave. Fargo, ND 58102 PH: 701-281-1686 EMAIL: greg@enjellic.com ------------------------------------------------------------------------------ "Opportunity is missed by most people because it is dressed in overalls and looks like work." -- Thomas Edison