[RFC PATCH v2 0/3] security/x86/sgx: SGX specific LSM hooks
Jarkko Sakkinen
jarkko.sakkinen at linux.intel.com
Mon Jul 8 14:46:26 UTC 2019
On Fri, 2019-07-05 at 22:04 -0700, Xing, Cedric wrote:
> On 7/3/2019 4:16 PM, Jarkko Sakkinen wrote:
> > On Thu, Jun 27, 2019 at 11:56:18AM -0700, Cedric Xing wrote:
> >
> > I think it is fine to have these patch sets as a discussion starters but
> > it does not make any sense to me to upstream LSM changes with the SGX
> > foundations.
>
> Guess LSM is a gating factor, because otherwise SGX could be abused to
> make executable EPC from pages that are otherwise not allowed to be
> executable. Am I missing anything?
No, but what was the point? LSM is always additional gating factor.
Does not make a case for any of the proposed LSM changes.
/Jarrko
More information about the Linux-security-module-archive
mailing list