| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <DM8PR11MB57502FB1B78481B436DFAFFEE75EA@DM8PR11MB5750.namprd11.prod.outlook.com> Date: Thu, 24 Jul 2025 12:47:57 +0000 From: "Reshetova, Elena" <elena.reshetova@...el.com> To: "Huang, Kai" <kai.huang@...el.com>, "Hansen, Dave" <dave.hansen@...el.com> CC: "seanjc@...gle.com" <seanjc@...gle.com>, "mingo@...nel.org" <mingo@...nel.org>, "Scarlata, Vincent R" <vincent.r.scarlata@...el.com>, "x86@...nel.org" <x86@...nel.org>, "jarkko@...nel.org" <jarkko@...nel.org>, "Annapurve, Vishal" <vannapurve@...gle.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "Mallick, Asit K" <asit.k.mallick@...el.com>, "Aktas, Erdem" <erdemaktas@...gle.com>, "Cai, Chong" <chongc@...gle.com>, "Bondarevska, Nataliia" <bondarn@...gle.com>, "linux-sgx@...r.kernel.org" <linux-sgx@...r.kernel.org>, "Raynor, Scott" <scott.raynor@...el.com> Subject: RE: [PATCH v9 6/6] x86/sgx: Enable automatic SVN updates for SGX enclaves > -----Original Message----- > From: Huang, Kai <kai.huang@...el.com> > Sent: Thursday, July 24, 2025 2:13 PM > To: Reshetova, Elena <elena.reshetova@...el.com>; Hansen, Dave > <dave.hansen@...el.com> > Cc: seanjc@...gle.com; mingo@...nel.org; Scarlata, Vincent R > <vincent.r.scarlata@...el.com>; x86@...nel.org; jarkko@...nel.org; > Annapurve, Vishal <vannapurve@...gle.com>; linux-kernel@...r.kernel.org; > Mallick, Asit K <asit.k.mallick@...el.com>; Aktas, Erdem > <erdemaktas@...gle.com>; Cai, Chong <chongc@...gle.com>; Bondarevska, > Nataliia <bondarn@...gle.com>; linux-sgx@...r.kernel.org; Raynor, Scott > <scott.raynor@...el.com> > Subject: Re: [PATCH v9 6/6] x86/sgx: Enable automatic SVN updates for SGX > enclaves > > On Thu, 2025-07-24 at 11:02 +0300, Reshetova, Elena wrote: > > == Background == > > > > ENCLS[EUPDATESVN] is a new SGX instruction [1] which allows enclave > > attestation to include information about updated microcode SVN without a > > reboot. Before an EUPDATESVN operation can be successful, all SGX memory > > (aka. EPC) must be marked as “unused” in the SGX hardware metadata > > (aka.EPCM). This requirement ensures that no compromised enclave can > > survive the EUPDATESVN procedure and provides an opportunity to generate > > new cryptographic assets. > > > > == Patch Contents == > > Nit: you can use "Solution" instead of "Patch Contents". Sure. > > > > > Attempt to execute ENCLS[EUPDATESVN] every time the first file descriptor > > is obtained via sgx_(vepc_)open(). In the most common case the microcode > > SVN is already up-to-date, and the operation succeeds without updating SVN. > > (Sorry I forgot to say this in the previous versions): > > If I read the pseudo code correctly, when the SVN is already up-to-date, > the EUPDATESVN doesn't update SVN but it re-generates crypto assets > anyway. > > This is no harm per the pseudo code, since the "crypto assets" is actually > the CR_BASE_KEY which is only used by EWB/ELDU flow per the SDM. > > In other words, it doesn't impact other enclave visible keys (those from > EGETKEY) such as sealing key. > > I think this is important. Because if enclave visible keys such as > sealing key are lost on EUPDATESVN when SVN is already up-to-date (which > is the most common case), it will bring significant visible impact to > enclave. E.g., one enclave could find its secret encrypted by sealing key > could never be retrieved after it restarts. > > Assuming I didn't miss anything, can we also mention this in the > changelog? Yes, you are right, anything like above behaviour would be a nightmare in practice. So would smth like this work as an additional text: "Note that in cases when SVN is already up-to-date and EUPDATESVN is executed, it does not affect enclaves' visible keys obtained via EGETKEY instruction." ? Best Regards, Elena.
Powered by blists - more mailing lists