SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)

Jarkko Sakkinen jarkko.sakkinen at linux.intel.com
Mon Jun 3 20:47:49 UTC 2019


On Thu, May 30, 2019 at 11:04:24AM -0400, Stephen Smalley wrote:
> Does this occur for both setting initial permissions and runtime permissions
> or just runtime? Both userspace- and driver-initiated mmap/mprotect
> operations or just userspace-initiated ones?  Does the driver use interfaces
> that call the mmap/mprotect hooks or lower level functions?

The driver never initiates mmap() or mprotect().

/Jarkko



More information about the Linux-security-module-archive mailing list