[PATCH v38 15/24] x86/sgx: Enable provisioning for remote attestation

Sean Christopherson sean.j.christopherson at intel.com
Thu Oct 1 17:17:01 UTC 2020


On Tue, Sep 15, 2020 at 02:05:13PM +0300, Jarkko Sakkinen wrote:
> +/**
> + * sgx_ioc_enclave_set_attribute - handler for %SGX_IOC_ENCLAVE_PROVISION
> + * @filep:	open file to /dev/sgx
> + * @arg:	userspace pointer to a struct sgx_enclave_provision instance
> + *
> + * Mark the enclave as being allowed to access a restricted attribute bit.
> + * The requested attribute is specified via the attribute_fd field in the
> + * provided struct sgx_enclave_provision.  The attribute_fd must be a
> + * handle to an SGX attribute file, e.g. "/dev/sgx/provision".
> + *
> + * Failure to explicitly request access to a restricted attribute will cause
> + * sgx_ioc_enclave_init() to fail.  Currently, the only restricted attribute
> + * is access to the PROVISION_KEY.
> + *
> + * Note, access to the EINITTOKEN_KEY is disallowed entirely.
> + *
> + * Return: 0 on success, -errno otherwise
> + */
> +static long sgx_ioc_enclave_provision(struct sgx_encl *encl,
> +					  void __user *arg)
> +{
> +	struct sgx_enclave_provision params;
> +	struct file *attribute_file;
> +	int ret;
> +
> +	if (copy_from_user(&params, arg, sizeof(params)))
> +		return -EFAULT;
> +
> +	attribute_file = fget(params.attribute_fd);
> +	if (!attribute_file)
> +		return -EINVAL;
> +
> +	if (attribute_file->f_op != &sgx_provision_fops) {
> +		ret = -EINVAL;
> +		goto out;
> +	}
> +
> +	encl->attributes |= SGX_ATTR_PROVISIONKEY;

This is wrong, it needs to be

	encl->attributes_mask |= SGX_ATTR_PROVISION;

else sgx_encl_init() will fail this check

	if (encl->attributes & ~encl->attributes_mask)
		return -EACCES;

This obviously needs a selftest...

> +	ret = 0;
> +
> +out:
> +	fput(attribute_file);
> +	return ret;
> +}



More information about the Linux-security-module-archive mailing list