| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 5 Dec 2021 01:45:47 +0200
From: Jarkko Sakkinen <jarkko@...nel.org>
To: Reinette Chatre <reinette.chatre@...el.com>
Cc: dave.hansen@...ux.intel.com, tglx@...utronix.de, bp@...en8.de,
luto@...nel.org, mingo@...hat.com, linux-sgx@...r.kernel.org,
x86@...nel.org, seanjc@...gle.com, kai.huang@...el.com,
cathy.zhang@...el.com, cedric.xing@...el.com,
haitao.huang@...el.com, mark.shanahan@...el.com, hpa@...or.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 17/25] x86/sgx: Support complete page removal
On Wed, Dec 01, 2021 at 11:23:15AM -0800, Reinette Chatre wrote:
> The SGX2 page removal flow was introduced in previous patch and is
> as follows:
> 1) Change the type of the pages to be removed to SGX_PAGE_TYPE_TRIM
> using the ioctl introduced in previous patch.
> 2) Approve the page removal by running ENCLU[EACCEPT] from within
> the enclave.
> 3) Initiate actual page removal using the new ioctl introduced here.
>
> Support the final step of the SGX2 page removal flow with a new ioctl.
> With this ioctl the user specifies a page range that should
> be removed. At this time all pages in the provided range should have
> the SGX_PAGE_TYPE_TRIM page type and the ioctl will fail with EPERM
> (Operation not permitted) when it encounters a page that does not have
> the correct type. Page removal can fail on any page within the
> provided range. Support partial success by returning the number of pages
> that were successfully removed.
>
> Since actual page removal will succeed even if ENCLU[EACCEPT] was not
> run from within the enclave the ENCLU[EMODPR] instruction with RWX
> permissions is used as a no-op mechanism to ensure ENCLU[EACCEPT] was
> successfully run from within the enclave before the enclave page is
> removed.
>
> Signed-off-by: Reinette Chatre <reinette.chatre@...el.com>
> ---
> arch/x86/include/uapi/asm/sgx.h | 21 +++++
> arch/x86/kernel/cpu/sgx/ioctl.c | 159 ++++++++++++++++++++++++++++++++
> 2 files changed, 180 insertions(+)
>
> diff --git a/arch/x86/include/uapi/asm/sgx.h b/arch/x86/include/uapi/asm/sgx.h
> index f70caccd166c..6648ded960f8 100644
> --- a/arch/x86/include/uapi/asm/sgx.h
> +++ b/arch/x86/include/uapi/asm/sgx.h
> @@ -33,6 +33,8 @@ enum sgx_page_flags {
> _IOWR(SGX_MAGIC, 0x05, struct sgx_page_modp)
> #define SGX_IOC_PAGE_MODT \
> _IOWR(SGX_MAGIC, 0x06, struct sgx_page_modt)
> +#define SGX_IOC_PAGE_REMOVE \
> + _IOWR(SGX_MAGIC, 0x07, struct sgx_page_remove)
Should be SGX_IOC_ENCLAVE_REMOVE_PAGES.
/Jarkko
Powered by blists - more mailing lists