| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 2 May 2020 17:48:30 -0700
From: Andy Lutomirski <luto@...capital.net>
To: "Dr. Greg" <greg@...ellic.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
Sean Christopherson <sean.j.christopherson@...el.com>,
torvalds@...ux-foundation.org, linux-kernel@...r.kernel.org,
x86@...nel.org, linux-sgx@...r.kernel.org,
akpm@...ux-foundation.org, dave.hansen@...el.com,
nhorman@...hat.com, npmccallum@...hat.com, haitao.huang@...el.com,
andriy.shevchenko@...ux.intel.com, tglx@...utronix.de,
kai.svahn@...el.com, bp@...en8.de, josh@...htriplett.org,
luto@...nel.org, kai.huang@...el.com, rientjes@...gle.com,
cedric.xing@...el.com, puiterwijk@...hat.com
Subject: Re: [PATCH v29 00/20] Intel SGX foundations
> On May 2, 2020, at 4:05 PM, Dr. Greg <greg@...ellic.com> wrote:
>
> On Thu, Apr 30, 2020 at 06:59:11AM +0300, Jarkko Sakkinen wrote:
>
> Good afternoon, I hope the weekend is going well for everyone.
>
>>> On Wed, Apr 29, 2020 at 08:14:59AM -0700, Sean Christopherson wrote:
>>> On Wed, Apr 29, 2020 at 08:23:29AM +0300, Jarkko Sakkinen wrote:
>>>> On Sun, Apr 26, 2020 at 11:57:53AM -0500, Dr. Greg wrote:
>>>>> On Wed, Apr 22, 2020 at 12:52:56AM +0300, Jarkko Sakkinen wrote:
>>>>
>>>>>> The current implementation requires that the firmware sets
>>>>>> IA32_SGXLEPUBKEYHASH* MSRs as writable so that ultimately
>>>>>> the kernel can decide what enclaves it wants run. The
>>>>>> implementation does not create any bottlenecks to support
>>>>>> read-only MSRs later on.
>>>>
>>>>> It seems highly unlikely that a driver implementation with any type of
>>>>> support for read-only launch control registers would ever get into the
>>>>> kernel. All one needs to do is review the conversations that Matthew
>>>>> Garrett's lockdown patches engender to get a sense of that, ie:
>>>>>
>>>>> https://lwn.net/Articles/818277/
>>>>
>>>> We do not require read-only MSRs.
>>>
>>> Greg is pointing out the opposite, that supporting read-only MSRs is highly
>>> unlikely to ever be supported in the mainline kernel.
>
>> In a nutshell, what is wrong in the current code changes and what
>> *exactly* should we change? This is way too high level at the moment
>> at least for my limited brain capacity.
>
> In a nutshell, the driver needs our patch that implements
> cryptographic policy management.
>
> A patch that:
>
> 1.) Does not change the default behavior of the driver.
>
> 2.) Implements capabilities that are consistent with what the hardware
> was designed to do, but only at the discretion of the platform owner.
>
> 3.) Has no impact on the driver architecture.
>
> The only consumer for this driver are SGX runtimes. To our knowledge,
> there exist only two complete runtime implementations, Intel's and
> ours. It us unclear why our approach to the use of the technology
> should be discriminated against when it doesn't impact the other user
> community.
Can you clarify how exactly this patch set discriminates against your stack?
>
> The Linux kernel that I have worked on and supported since 1992 has
> always focused on technical rationale and meritocracy rather then
> politics. We would be interested in why our proposal for the driver
> fails on the former grounds rather then the latter.
>
>> /Jarkko
>
> Best wishes for a productive week.
>
> Dr. Greg
>
> As always,
> Dr. Greg Wettstein, Ph.D, Worker Artisans in autonomously
> Enjellic Systems Development, LLC self-defensive IOT platforms
> 4206 N. 19th Ave. and edge devices.
> Fargo, ND 58102
> PH: 701-281-1686 EMAIL: greg@...ellic.com
> ------------------------------------------------------------------------------
> "The best way to predict the future is to invent it."
> -- Alan Kay
Powered by blists - more mailing lists