[PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Andy Lutomirski
luto at amacapital.net
Fri Feb 14 17:40:00 UTC 2020
> On Feb 14, 2020, at 9:11 AM, Sean Christopherson <sean.j.christopherson at intel.com> wrote:
>
> On Fri, Feb 14, 2020 at 10:24:10AM +0100, Jethro Beekman wrote:
>>> On 2020-02-13 19:07, Sean Christopherson wrote:
>>> On Thu, Feb 13, 2020 at 02:59:52PM +0100, Jethro Beekman wrote:
>>>> On 2020-02-09 22:25, Jarkko Sakkinen wrote:
>>>>> +/**
>>>>> + * struct sgx_enclave_add_pages - parameter structure for the
>>>>> + * %SGX_IOC_ENCLAVE_ADD_PAGE ioctl
>>>>> + * @src: start address for the page data
>>>>> + * @offset: starting page offset
>>>>> + * @length: length of the data (multiple of the page size)
>>>>> + * @secinfo: address for the SECINFO data
>>>>> + * @flags: page control flags
>>>>> + * @count: number of bytes added (multiple of the page size)
>>>>> + */
>>>>> +struct sgx_enclave_add_pages {
>>>>> + __u64 src;
>>>>> + __u64 offset;
>>>>> + __u64 length;
>>>>> + __u64 secinfo;
>>>>> + __u64 flags;
>>>>> + __u64 count;
>>>>> +};
>>>>
>>>> Compared to the last time I looked at the patch set, this API removes the
>>>> ability to measure individual pages chunks. That is not acceptable.
>>>
>>> Why is it not acceptable? E.g. what specific use case do you have that
>>> _requires_ on measuring partial 4k pages of an enclave?
>>
>> The use case is someone gives me an enclave and I want to load it. If I don't
>> load it exactly as the enclave author specified, the enclave hash will be
>> different, and it won't work.
>
> And if our ABI says "thou shall measure in 4k chunks", then it's an invalid
> enclave if its author generated MRENCLAVE using a different granularity.
ISTM, unless there’s a particularly compelling reason, if an enclave is valid, we should be able to load it.
More information about the Linux-security-module-archive
mailing list