| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160427124056.GA22003@intel.com>
Date: Wed, 27 Apr 2016 15:40:56 +0300
From: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To: Jethro Beekman <kernel@...ekman.nl>
Cc: gregkh@...uxfoundation.org,
"open list:STAGING SUBSYSTEM" <devel@...verdev.osuosl.org>,
"maintainer:X86 ARCHITECTURE 32-BIT AND 64-BIT" <x86@...nel.org>,
"open list:X86 ARCHITECTURE 32-BIT AND 64-BIT"
<linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH 3/6] intel_sgx: driver for Intel Secure Guard eXtensions
On Tue, Apr 26, 2016 at 11:49:38PM -0700, Jethro Beekman wrote:
> On 25-04-16 10:34, Jarkko Sakkinen wrote:
> > diff --git a/drivers/staging/intel_sgx/isgx_ioctl.c
> b/drivers/staging/intel_sgx/isgx_ioctl.c
> > new file mode 100644
> > index 0000000..9d8b36b
> > --- /dev/null
> > +++ b/drivers/staging/intel_sgx/isgx_ioctl.c
> >
> > +static long isgx_ioctl_enclave_create(struct file *filep, unsigned int cmd,
> > + unsigned long arg)
> >
> > + secs->base = vm_mmap(filep, 0, secs->size,
> > + PROT_READ | PROT_WRITE | PROT_EXEC,
> > + MAP_SHARED, 0);
>
> Why does the ioctl interface map userspace memory for an open device?
> There's already a perfectly good syscall for that: mmap.
You didn't explain what would be the value in doing this but after
thinking for a short while I found out two good reasons:
* The current API is ugly in a way that you can anyway call mmap
directly too and have a useless zombie enclave. This would make
the API less ambiguous.
* SGX_IOC_ENCLAVE_CREATE could be removed. SECS could be passed
through SGX_IOC_ENCLAVE_ADD_PAGE thus simplifying the API a lot.
Given these circumstances I think this does make sense.
> > diff --git a/drivers/staging/intel_sgx/isgx_user.h b/drivers/staging/intel_sgx/isgx_user.h
> > new file mode 100644
> > index 0000000..672d19c
> > --- /dev/null
> > +++ b/drivers/staging/intel_sgx/isgx_user.h
> >
> > +#define SGX_ADD_SKIP_EEXTEND 0x1
> > +
> > +struct sgx_add_param {
> > + unsigned long addr;
> > + unsigned long user_addr;
> > + struct isgx_secinfo *secinfo;
> > + unsigned int flags;
> > +};
>
> The hardware supports calling EEXTEND on only a part of a page, I think the
> driver should also support that.
Why would you want to do that?
> Jethro
/Jarkko
Powered by blists - more mailing lists