lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 16 May 2019 23:29:47 +0000
From:   "Xing, Cedric" <>
To:     "Christopherson, Sean J" <>,
        "Andy Lutomirski" <>
CC:     Jarkko Sakkinen <>,
        James Morris <>,
        "Serge E. Hallyn" <>,
        LSM List <>,
        Paul Moore <>,
        Stephen Smalley <>,
        Eric Paris <>,
        "" <>,
        Jethro Beekman <>,
        "Hansen, Dave" <>,
        "Thomas Gleixner" <>,
        "Dr. Greg" <>,
        Linus Torvalds <>,
        LKML <>, X86 ML <>,
        "" <>,
        Andrew Morton <>,
        "" <>,
        "" <>,
        "Ayoun, Serge" <>,
        "Katz-zamir, Shay" <>,
        "Huang, Haitao" <>,
        "Andy Shevchenko" <>,
        "Svahn, Kai" <>, Borislav Petkov <>,
        Josh Triplett <>,
        "Huang, Kai" <>,
        David Rientjes <>
Subject: RE: SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)

> > > There is a problem here though. Usually the enclave itself is just a
> > > loader that then loads the application from outside source and
> > > creates the executable pages from the content.
> > >
> > > A great example of this is Graphene that bootstraps unmodified Linux
> > > applications to an enclave:
> > >
> > >
> > >
> >
> > ISTM you should need EXECMEM or similar to run Graphene, then.
> Agreed, Graphene is effectively running arbitrary enclave code.  I'm
> guessing there is nothing that prevents extending/reworking Graphene to
> allow generating the enclave ahead of time so as to avoid populating the
> guts of the enclave at runtime, i.e. it's likely possible to run an
> unmodified application in an enclave without EXECMEM if that's something
> Graphene or its users really care about.

Inefficient use of memory is a problem of running Graphene on SGX1, from at least 2 aspects: 1) heaps/stacks have to be pre-allocated but only a small portion of those pages will be actually used; and 2) dynamic linking is commonly used in *unmodified* applications and all dependent libraries have to be loaded, but only a subset of those pages will actually be used - e.g. most applications use only a small set of functions in but the whole library still has to be loaded. Hence a practical/efficient solution will require/involve EDMM features available in SGX2. I guess we shall look a bit further into future in order to address this problem properly. And I think it necessary to distinguish enclave virtual ranges from regular ones (probably at VMA level) before we could have a practical solution.

Powered by blists - more mailing lists