SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)
Andy Lutomirski
luto at kernel.org
Mon Jun 3 21:37:17 UTC 2019
On Mon, Jun 3, 2019 at 1:54 PM Jarkko Sakkinen
<jarkko.sakkinen at linux.intel.com> wrote:
>
> On Thu, May 30, 2019 at 09:14:10AM -0700, Andy Lutomirski wrote:
> > > What is the "source file" i.e. the target of the check? Enclave file,
> > > sigstruct file, or /dev/sgx/enclave?
> >
> > Enclave file -- that is, the file backing the vma from which the data
> > is loaded.
>
> Wonder why KVM gets away without having this given that enclaves are
> lot alike VMs.
>
I would argue it's because access to /dev/kvm means you can execute
whatever you code you want in a VM. I don't see how this is
avoidable. On the other hand, it would be nice for SGX to not imply
this same sort of "execute anything" right, especially since, unlike
KVM, SGX is not a sandbox.
More information about the Linux-security-module-archive
mailing list