[RFC PATCH v4 00/12] security: x86/sgx: SGX vs. LSM
Dr. Greg
greg at idfusion.net
Wed Jul 10 01:28:11 UTC 2019
On Mon, Jul 08, 2019 at 10:29:30AM -0700, Sean Christopherson wrote:
Good evening to everyone.
> That being said, we can do so without functional changes to the SGX
> uapi, e.g. add reserved fields so that the initial uapi can be
> extended *if* we decide to go with the "userspace provides maximal
> protections" path, and use the EPCM permissions as the maximal
> protections for the initial upstreaming.
>
> That'd give us a minimal implemenation for initial upstreaming and
> would eliminate Cedric's blocking complaint. The "whole mess" of
> whitelisting, blacklisting and SGX2 support would be deferred until
> post-upstreaming.
Are we convinced the 'mess' will be any easier to clean up after the
driver is upstreamed?
The primary problem is that we haven't addressed the issue of what
this technology is designed to do and its implications with respect to
the kernel. As a result we are attempting to implement controls which
we are comfortable with and understand rather then those that are
relevant.
Have a good evening.
Dr. Greg
As always,
Dr. Greg Wettstein, Ph.D, Worker
IDfusion, LLC Implementing SGX secured and modeled
4206 N. 19th Ave. intelligent network endpoints.
Fargo, ND 58102
PH: 701-281-1686 EMAIL: greg at idfusion.net
------------------------------------------------------------------------------
"Courage is not the absence of fear, but rather the judgement that
something else is more important than fear."
-- Ambrose Redmoon
More information about the Linux-security-module-archive
mailing list