lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <e445c2f8-fddd-5740-0e26-a03e023918bf@fortanix.com>
Date:   Thu, 5 Mar 2020 19:24:11 +0100
From:   Jethro Beekman <jethro@...tanix.com>
To:     Sean Christopherson <sean.j.christopherson@...el.com>,
        Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc:     linux-kernel@...r.kernel.org, x86@...nel.org,
        linux-sgx@...r.kernel.org, akpm@...ux-foundation.org,
        dave.hansen@...el.com, nhorman@...hat.com, npmccallum@...hat.com,
        haitao.huang@...el.com, andriy.shevchenko@...ux.intel.com,
        tglx@...utronix.de, kai.svahn@...el.com, bp@...en8.de,
        josh@...htriplett.org, luto@...nel.org, kai.huang@...el.com,
        rientjes@...gle.com, cedric.xing@...el.com, puiterwijk@...hat.com,
        linux-security-module@...r.kernel.org,
        Suresh Siddha <suresh.b.siddha@...el.com>,
        Haitao Huang <haitao.huang@...ux.intel.com>,
        Chunyang Hui <sanqian.hcy@...fin.com>
Subject: Re: [PATCH v28 11/22] x86/sgx: Linux Enclave Driver

On 2020-03-05 18:40, Sean Christopherson wrote:
> On Wed, Mar 04, 2020 at 01:35:58AM +0200, Jarkko Sakkinen wrote:
>> diff --git a/arch/x86/include/uapi/asm/sgx.h b/arch/x86/include/uapi/asm/sgx.h
>> new file mode 100644
>> index 000000000000..5edb08ab8fd0
>> --- /dev/null
>> +++ b/arch/x86/include/uapi/asm/sgx.h
>> @@ -0,0 +1,66 @@
>> +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) WITH Linux-syscall-note */
>> +/*
>> + * Copyright(c) 2016-19 Intel Corporation.
>> + */
>> +#ifndef _UAPI_ASM_X86_SGX_H
>> +#define _UAPI_ASM_X86_SGX_H
>> +
>> +#include <linux/types.h>
>> +#include <linux/ioctl.h>
>> +
>> +/**
>> + * enum sgx_epage_flags - page control flags
>> + * %SGX_PAGE_MEASURE:	Measure the page contents with a sequence of
>> + *			ENCLS[EEXTEND] operations.
>> + */
>> +enum sgx_page_flags {
>> +	SGX_PAGE_MEASURE	= 0x01,
>> +};
>> +
>> +#define SGX_MAGIC 0xA4
>> +
>> +#define SGX_IOC_ENCLAVE_CREATE \
>> +	_IOW(SGX_MAGIC, 0x00, struct sgx_enclave_create)
>> +#define SGX_IOC_ENCLAVE_ADD_PAGES \
>> +	_IOWR(SGX_MAGIC, 0x01, struct sgx_enclave_add_pages)
>> +#define SGX_IOC_ENCLAVE_INIT \
>> +	_IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
>> +
>> +/**
>> + * struct sgx_enclave_create - parameter structure for the
>> + *                             %SGX_IOC_ENCLAVE_CREATE ioctl
>> + * @src:	address for the SECS page data
>> + */
>> +struct sgx_enclave_create  {
>> +	__u64	src;
> 
> Would it make sense to add reserved fields to the structs so that new
> features can be added in a backwards compatible way?  E.g. if we want to
> allow userspace to control the backing store by passing in a file
> descriptor ENCLAVE_CREATE.

Reserving space for future fields is not necessary because the size of the struct is encoded in the ioctl number. The kernel can use this to differentiate between different call versions from userspace.

--
Jethro Beekman | Fortanix


Download attachment "smime.p7s" of type "application/pkcs7-signature" (4054 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ