[PATCH v19 17/27] x86/sgx: Add provisioning

Huang, Kai kai.huang at intel.com
Thu Mar 21 02:08:36 UTC 2019 

On Tue, 2019-03-19 at 13:09 -0700, Sean Christopherson wrote:
> On Sun, Mar 17, 2019 at 11:14:46PM +0200, Jarkko Sakkinen wrote:
> > In order to provide a mechanism for devilering provisoning rights:
> > 
> > 1. Add a new file to the securityfs file called sgx/provision that works
> >    as a token for allowing an enclave to have the provisioning privileges.
> > 2. Add a new ioctl called SGX_IOC_ENCLAVE_SET_ATTRIBUTE that accepts the
> >    following data structure:
> > 
> >    struct sgx_enclave_set_attribute {
> >            __u64 addr;
> >            __u64 token_fd;
> >    };

Would you elaborate why the name is "token_fd"? I think *token* in SGX has more specific meaning?

> > 
> > A daemon could sit on top of sgx/provision and send a file descriptor of
> > this file to a process that needs to be able to provision enclaves.
> > 
> > The way this API is used is more or less straight-forward. Lets assume that
> > dev_fd is a handle to /dev/sgx and prov_fd is a handle to sgx/provision.
> > You would allow SGX_IOC_ENCLAVE_CREATE to initialize an enclave with the
> > PROVISIONKEY attribute by
> > 
> > params.addr = <enclave address>;
> > params.token_fd = prov_fd;
> > 
> > ioctl(dev_fd, SGX_IOC_ENCLAVE_SET_ATTRIBUTE, &params);
> > 
> > Cc: James Morris <jmorris at namei.org>
> > Cc: Serge E. Hallyn <serge at hallyn.com>
> > Cc: linux-security-module at vger.kernel.org
> > Suggested-by: Andy Lutomirski <luto at kernel.org>
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen at linux.intel.com>
> > ---
> >  arch/x86/include/uapi/asm/sgx.h        | 13 +++++++
> >  arch/x86/kernel/cpu/sgx/driver/ioctl.c | 43 +++++++++++++++++++++++
> >  arch/x86/kernel/cpu/sgx/driver/main.c  | 47 ++++++++++++++++++++++++++
> >  3 files changed, 103 insertions(+)
> > 
> > diff --git a/arch/x86/include/uapi/asm/sgx.h b/arch/x86/include/uapi/asm/sgx.h
> > index aadf9c76e360..150a784db395 100644
> > --- a/arch/x86/include/uapi/asm/sgx.h
> > +++ b/arch/x86/include/uapi/asm/sgx.h
> > @@ -16,6 +16,8 @@
> >  	_IOW(SGX_MAGIC, 0x01, struct sgx_enclave_add_page)
> >  #define SGX_IOC_ENCLAVE_INIT \
> >  	_IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
> > +#define SGX_IOC_ENCLAVE_SET_ATTRIBUTE \
> > +	_IOW(SGX_MAGIC, 0x03, struct sgx_enclave_set_attribute)
> >  
> >  /* IOCTL return values */
> >  #define SGX_POWER_LOST_ENCLAVE		0x40000000
> > @@ -56,4 +58,15 @@ struct sgx_enclave_init {
> >  	__u64	sigstruct;
> >  };
> >  
> > +/**
> > + * struct sgx_enclave_set_attribute - parameter structure for the
> > + *				      %SGX_IOC_ENCLAVE_INIT ioctl
> > + * @addr:		address within the ELRANGE
> > + * @attribute_fd:	file handle of the attribute file in the securityfs
> > + */
> > +struct sgx_enclave_set_attribute {
> > +	__u64	addr;
> > +	__u64	attribute_fd;
> > +};
> > +
> >  #endif /* _UAPI_ASM_X86_SGX_H */
> > diff --git a/arch/x86/kernel/cpu/sgx/driver/ioctl.c b/arch/x86/kernel/cpu/sgx/driver/ioctl.c
> > index 4b9a91b53b50..5d85bd3f7876 100644
> > --- a/arch/x86/kernel/cpu/sgx/driver/ioctl.c
> > +++ b/arch/x86/kernel/cpu/sgx/driver/ioctl.c
> > @@ -759,6 +759,46 @@ static long sgx_ioc_enclave_init(struct file *filep, unsigned int cmd,
> >  	return ret;
> >  }
> >  
> > +/**
> > + * sgx_ioc_enclave_set_attribute - handler for %SGX_IOC_ENCLAVE_SET_ATTRIBUTE
> > + * @filep:	open file to /dev/sgx
> > + * @cmd:	the command value
> > + * @arg:	pointer to a struct sgx_enclave_set_attribute instance
> > + *
> > + * Sets an attribute matching the attribute file that is pointed by the
> > + * parameter structure field attribute_fd.
> 
> With the @data change (see below), this becomes something like:
> 
>  * Allow the enclave to request the attribute managed by the SGX security file
>  * pointed at by the parameter structure field attribute_fd.
> 
> > + *
> > + * Return: 0 on success, -errno otherwise
> > + */
> > +static long sgx_ioc_enclave_set_attribute(struct file *filep, unsigned int cmd,
> > +					  unsigned long arg)
> > +{
> > +	struct sgx_enclave_set_attribute *params = (void *)arg;
> > +	struct file *attribute_file;
> > +	struct sgx_encl *encl;
> > +	int ret;
> > +
> > +	attribute_file = fget(params->attribute_fd);
> > +	if (!attribute_file->f_op)
> 
> This should be:
> 
> 	if (!attribute_file)
> 		return -EINVAL;
> 
> > +		return -EINVAL;
> > +
> > +	if (attribute_file->f_op != &sgx_fs_provision_fops) {
> > +		ret = -EINVAL;
> > +		goto out;
> > +	}
> > +
> > +	ret = sgx_encl_get(params->addr, &encl);
> > +	if (ret)
> > +		goto out;
> > +
> > +	encl->allowed_attributes |= SGX_ATTR_PROVISIONKEY;
> 
> A cleanr approach would be to pass SGX_ATTR_PROVISIONKEY via @data to
> securityfs_create_file().  Then you don't need to define dummy file_ops
> for each file, i.e. a generic sgx_sec_fs_ops would suffice for the above
> check.  And you don't have this weird hardcoding of the provision bit.
> 
> E.g.:
> 
> 	if (attribute_file->f_op != &sgx_sec_fs_fops) {
> 		ret = -EINVAL;
> 		goto out;
> 	}
> 
> 	ret = sgx_encl_get(params->addr, &encl);
> 	if (ret)
> 		goto out;
> 
> 	encl->allowed_attributes |= (u64)attribute_file->private_data;
> 
> Since SGX doesn't support 32-bit builds we don't even need to worry about
> the (very distant) future where SGX defines bits in the 63:32 range.
> 

Agree with Sean that passing SGX_ATTR_PROVISIONKEY via @data is more cleaner.

Thanks,
-Kai

More information about the Linux-security-module-archive mailing list