[RFC PATCH v4 00/12] security: x86/sgx: SGX vs. LSM
Sean Christopherson
sean.j.christopherson at intel.com
Tue Jul 9 22:25:34 UTC 2019
On Tue, Jul 09, 2019 at 01:41:28PM -0700, Xing, Cedric wrote:
> On 7/9/2019 10:09 AM, Sean Christopherson wrote:
> >Translating those to SGX, with a lot of input from Stephen, I ended up
> >with the following:
> >
> >  - FILE__ENCLAVE_EXECUTE: equivalent to FILE__EXECUTE, required to gain X
> >    on an enclave page loaded from a regular file
> >
> >  - PROCESS2__ENCLAVE_EXECDIRTY: hybrid of EXECMOD and EXECUTE+WRITE,
> >    required to gain W->X on an enclave page
>
> EXECMOD basically indicates a file containing self-modifying code. Your
> ENCLAVE_EXECDIRTY is however a process permission, which is illogical.

How is it illogical? If a PROCESS wants to EXECute a DIRTY ENCLAVE page,
then it needs PROCESS2__ENCLAVE_EXECDIRTY.

FILE__EXECMOD on /dev/sgx/enclave is a process permission masquerading as
a file permission, let's call it what it is.