[PATCH v18 19/25] x86/sgx: Add provisioning

[Jarkko Sakkinen]

On Mon, Dec 24, 2018 at 05:36:36AM +0000, Jethro Beekman wrote:
> On 2018-12-22 04:41, Jarkko Sakkinen wrote:
> > In order to provide a mechanism for devilering provisoning rights:
> > 
> > 1. Add a new file to the securityfs file called sgx/provision that works
> >     as a token for allowing an enclave to have the provisioning privileges.
> > 2. Add a new ioctl called SGX_IOC_ENCLAVE_SET_ATTRIBUTE that accepts the
> >     following data structure:
> > 
> >     struct sgx_enclave_set_attribute {
> >             __u64 addr;
> >             __u64 token_fd;
> >     };
> > 
> > A daemon could sit on top of sgx/provision and send a file descriptor of
> > this file to a process that needs to be able to provision enclaves.
> > 
> > The way this API is used is more or less straight-forward. Lets assume that
> > dev_fd is a handle to /dev/sgx and prov_fd is a handle to sgx/provision.
> > You would allow SGX_IOC_ENCLAVE_CREATE to initialize an enclave with the
> > PROVISIONKEY attribute by
> > 
> > params.addr = <enclave address>;
> > params.token_fd = prov_fd;
> > 
> > ioctl(dev_fd, SGX_IOC_ENCLAVE_SET_ATTRIBUTE, &params);
> 
> I think the attribute handling in this and the previous patch doesn't work.
> How am I supposed to call this ioctl between sgx_encl_alloc and
> sgx_encl_create in sgx_ioc_enclave_create? Even if I somehow manage to call
> this, how is secs->attributes getting set? How do I unset SGX_ATTR_DEBUG?

encl->attributes was previously unused (noticed when I wrote this
patch). It is actually a mask for allowed attributes that is checked
on EINIT. Should rename the variable, yes.

/Jarkko