[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190610173645.GA13732@linux.intel.com>
Date: Mon, 10 Jun 2019 20:36:45 +0300
From: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To: Cedric Xing <cedric.xing@...el.com>
Cc: linux-security-module@...r.kernel.org, selinux@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-sgx@...r.kernel.org,
luto@...nel.org, sds@...ho.nsa.gov, jmorris@...ei.org,
serge@...lyn.com, paul@...l-moore.com, eparis@...isplace.org,
jethro@...tanix.com, dave.hansen@...el.com, tglx@...utronix.de,
torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
nhorman@...hat.com, pmccallum@...hat.com, serge.ayoun@...el.com,
shay.katz-zamir@...el.com, haitao.huang@...el.com,
andriy.shevchenko@...ux.intel.com, kai.svahn@...el.com,
bp@...en8.de, josh@...htriplett.org, kai.huang@...el.com,
rientjes@...gle.com, william.c.roberts@...el.com,
philip.b.tricca@...el.com
Subject: Re: [RFC PATCH v1 0/3] security/x86/sgx: SGX specific LSM hooks
On Mon, Jun 10, 2019 at 12:03:03AM -0700, Cedric Xing wrote:
> This series intends to make the new SGX subsystem and the existing LSM
> architecture work together smoothly so that, say, SGX cannot be abused to work
> around restrictions set forth by LSM. This series applies on top of Jarkko
> Sakkinen's SGX series v20 (https://lkml.org/lkml/2019/4/17/344), where abundant
> details of this SGX/LSM problem could be found.
>
> This series is an alternative to Sean Christopherson's recent RFC series
> (https://lkml.org/lkml/2019/6/5/1070) that was trying to solve the same
> problem. The key problem is for LSM to determine the "maximal (most permissive)
> protection" allowed for individual enclave pages. Sean's approach is to take
> that from user mode code as a parameter of the EADD ioctl, validate it with LSM
> ahead of time, and then enforce it inside the SGX subsystem. The major
> disadvantage IMHO is that a priori knowledge of "maximal protection" is needed,
> but it isn't always available in certain use cases. In fact, it is an unusual
> approach to take "maximal protection" from user code, as what SELinux is doing
> today is to determine "maximal protection" of a vma using attributes associated
> with vma->vm_file instead. When it comes to enclaves, vma->vm_file always
> points /dev/sgx/enclave, so what's missing is a new way for LSM modules to
> remember origins of enclave pages so that they don't solely depend on
> vma->vm_file to determine "maximal protection".
>
> This series takes advantage of the fact that enclave pages cannot be remapped
> (to different linear address), therefore the pair of { vma->vm_file,
> linear_address } can be used to uniquely identify an enclave page. Then by
> notifying LSM on creation of every enclave page (via a new LSM hook -
> security_enclave_load), LSM modules would be able to track origin and
> protection changes of every page, hence be able to judge correctly upon
> mmap/mprotect requests.
>
> Cedric Xing (3):
> LSM/x86/sgx: Add SGX specific LSM hooks
> LSM/x86/sgx: Implement SGX specific hooks in SELinux
> LSM/x86/sgx: Call new LSM hooks from SGX subsystem
A patch set containing direct LSM changes should consider all LSMs.
This will allow all the LSM maintainers to consider the changes. Now we
have a limited audience and we are favoring one LSM.
There is no good reason why direct LSM changes cannot be done
post-upstreaming like we do for virtualization.
Looking at Sean's patches, overally 1/5-3/5 make perfect sense.
/Jarkko
Powered by blists - more mailing lists