lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190805213909.x5wv26zrgwqfrp4d@linux.intel.com>
Date:   Tue, 6 Aug 2019 00:39:46 +0300
From:   Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To:     Sean Christopherson <sean.j.christopherson@...el.com>
Cc:     linux-kernel@...r.kernel.org, x86@...nel.org,
        linux-sgx@...r.kernel.org, akpm@...ux-foundation.org,
        dave.hansen@...el.com, nhorman@...hat.com, npmccallum@...hat.com,
        serge.ayoun@...el.com, shay.katz-zamir@...el.com,
        haitao.huang@...el.com, andriy.shevchenko@...ux.intel.com,
        tglx@...utronix.de, kai.svahn@...el.com, bp@...en8.de,
        josh@...htriplett.org, luto@...nel.org, kai.huang@...el.com,
        rientjes@...gle.com, cedric.xing@...el.com,
        Suresh Siddha <suresh.b.siddha@...el.com>
Subject: Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

On Mon, Aug 05, 2019 at 09:16:44AM -0700, Sean Christopherson wrote:
> On Sat, Jul 13, 2019 at 08:07:52PM +0300, Jarkko Sakkinen wrote:
> > +static unsigned long sgx_get_unmapped_area(struct file *file,
> > +					   unsigned long addr,
> > +					   unsigned long len,
> > +					   unsigned long pgoff,
> > +					   unsigned long flags)
> > +{
> > +	if (flags & MAP_PRIVATE)
> > +		return -EINVAL;
> > +
> > +	if (flags & MAP_FIXED)
> > +		return addr;
> > +
> > +	if (len < 2 * PAGE_SIZE || len & (len - 1))
> > +		return -EINVAL;
> > +
> > +	addr = current->mm->get_unmapped_area(file, addr, 2 * len, pgoff,
> > +					      flags);
> > +	if (IS_ERR_VALUE(addr))
> > +		return addr;
> > +
> > +	addr = (addr + (len - 1)) & ~(len - 1);
> > +
> > +	return addr;
> > +}
> 
> Thinking about this more, I don't think the driver should verify or adjust
> @addr and @len during non-fixed mmap().  There is no requirement that
> userspace must map the full ELRANGE, or that an enclave's ELRANGE can
> *never* be mapped to non-EPC.  The architectural requirement is that an
> access that hits ELRANGE must map to the EPC *if* the CPU is executing the
> associated enclave.

Yeah, well, these were done in a quite different "ecosystem" where range
was the enclave and not like now. Can be considered as cruft that we
have simply missed when moving the fd associated enclaves.

In the current framework of things it definitely makes sense to remove
these calculations.

So, I guess we will end up to:

static unsigned long sgx_get_unmapped_area(struct file *file,
					   unsigned long addr,
					   unsigned long len,
					   unsigned long pgoff,
					   unsigned long flags)
{
	if (flags & MAP_PRIVATE)
		return -EINVAL;

	if (flags & MAP_FIXED)
		return addr;

	return current->mm->get_unmapped_area(file, addr, len, pgoff, flags);
}

/Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ