Message-ID: <156919280fe6b1e01a81bb89f8850e72a6bfe077.camel@intel.com>
Date: Thu, 24 Jul 2025 11:12:58 +0000
From: "Huang, Kai" <kai.huang@...el.com>
To: "Reshetova, Elena" <elena.reshetova@...el.com>, "Hansen, Dave"
<dave.hansen@...el.com>
CC: "seanjc@...gle.com" <seanjc@...gle.com>, "mingo@...nel.org"
<mingo@...nel.org>, "Scarlata, Vincent R" <vincent.r.scarlata@...el.com>,
"x86@...nel.org" <x86@...nel.org>, "jarkko@...nel.org" <jarkko@...nel.org>,
"Annapurve, Vishal" <vannapurve@...gle.com>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>, "Mallick, Asit K" <asit.k.mallick@...el.com>,
"Aktas, Erdem" <erdemaktas@...gle.com>, "Cai, Chong" <chongc@...gle.com>,
"Bondarevska, Nataliia" <bondarn@...gle.com>, "linux-sgx@...r.kernel.org"
<linux-sgx@...r.kernel.org>, "Raynor, Scott" <scott.raynor@...el.com>
Subject: Re: [PATCH v9 6/6] x86/sgx: Enable automatic SVN updates for SGX enclaves
On Thu, 2025-07-24 at 11:02 +0300, Reshetova, Elena wrote:
> == Background ==
>
> ENCLS[EUPDATESVN] is a new SGX instruction [1] which allows enclave
> attestation to include information about updated microcode SVN without a
> reboot. Before an EUPDATESVN operation can be successful, all SGX memory
> (aka. EPC) must be marked as “unused” in the SGX hardware metadata
> (aka. EPCM). This requirement ensures that no compromised enclave can
> survive the EUPDATESVN procedure and provides an opportunity to generate
> new cryptographic assets.
>
> == Patch Contents ==
Nit: you can use "Solution" instead of "Patch Contents".
>
> Attempt to execute ENCLS[EUPDATESVN] every time the first file descriptor
> is obtained via sgx_(vepc_)open(). In the most common case the microcode
> SVN is already up-to-date, and the operation succeeds without updating SVN.
(Sorry I forgot to say this in the previous versions):
If I read the pseudo code correctly, when the SVN is already up-to-date,
the EUPDATESVN doesn't update SVN but it re-generates crypto assets
anyway.
This is no harm per the pseudo code, since the "crypto assets" are actually
the CR_BASE_KEY, which is only used by the EWB/ELDU flow per the SDM.
In other words, it doesn't impact other enclave visible keys (those from
EGETKEY) such as sealing key.
I think this is important. Because if enclave visible keys such as the
sealing key were lost on EUPDATESVN when the SVN is already up-to-date (which
is the most common case), it would bring significant visible impact to the
enclave. E.g., one enclave could find that its secret encrypted by the sealing
key can never be retrieved after it restarts.
Assuming I didn't miss anything, can we also mention this in the
changelog?