Message-ID: <CALCETrVJ1vMAA-7qtiZ8tg-3qyckSwbzNC2kbbHsojm+W46PWg@mail.gmail.com>
Date:   Sat, 27 Jul 2019 10:32:11 -0700
From:   Andy Lutomirski <luto@...capital.net>
To:     Sean Christopherson <sean.j.christopherson@...el.com>
Cc:     Paolo Bonzini <pbonzini@...hat.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        X86 ML <x86@...nel.org>,
        Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
        Joerg Roedel <joro@...tes.org>,
        "H. Peter Anvin" <hpa@...or.com>, kvm list <kvm@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>, linux-sgx@...r.kernel.org
Subject: Re: [RFC PATCH 21/21] KVM: x86: Add capability to grant VM access to
 privileged SGX attribute

On Fri, Jul 26, 2019 at 10:52 PM Sean Christopherson
<sean.j.christopherson@...el.com> wrote:
>
> The SGX subsystem restricts access to a subset of enclave attributes to
> provide additional security for an uncompromised kernel, e.g. to prevent
> malware from using the PROVISIONKEY to ensure its nodes are running
> inside a genuine SGX enclave and/or to obtain a stable fingerprint.
>
> To prevent userspace from circumventing such restrictions by running an
> enclave in a VM, KVM restricts guest access to privileged attributes by
> default.  Add a capability, KVM_CAP_SGX_ATTRIBUTE, that can be used by
> userspace to grant a VM access to a privileged attribute, with args[0]
> holding a file handle to a valid SGX attribute file corresponding to
> an attribute that is restricted by KVM (currently only PROVISIONKEY).

Looks good to me.  Thanks!

> +can use KVM_CAP_SGX_ATTRIBUTE to grant a VM access to a priveleged attribute.
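
Review bot: "priveleged" at the end of this added documentation line is misspelled and should read "privileged attribute". Since this text documents a userspace-facing capability, correct it before the line is merged so that searches for "privileged" find it.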

Spelling.
