Re: [PATCH v20 00/28] Intel SGX1 support

From: Jethro Beekman
Date: Fri Apr 19 2019 - 16:47:03 EST

On 2019-04-19 13:39, Thomas Gleixner wrote:
> On Fri, 19 Apr 2019, Jethro Beekman wrote:
>> On 2019-04-19 08:27, Andy Lutomirski wrote:
>>> There are many,
>>> many Linux systems that enforce a policy that *all* executable text
>>> needs to come from a verified source. On these systems, you can't
>>> mmap some writable memory, write to it, and then change it to
>>> executable.
>> How is this implemented on those systems? AFAIK there's no kernel config
>> option that changes the semantics of mmap as you describe.
> That has nothing to do with mmap() semantics. You mmap() writeable memory
> and then you change the permissions via mprotect(). mprotect() calls into
> LSM and depending on policy and security model this will reject the
> request.
> Andy was pointing out that the SGX ioctl bypasses the LSM mechanics which
> is obviously a bad thing.

We could modify the driver such that when you call ioctl EADD, the page
table permissions need to be the PAGEINFO.SECINFO.FLAGS | PROT_WRITE,
otherwise you get EPERM or so. After EADD, if you want, you can restrict
the page table permissions again using mprotect but the page table
permissions don't really matter for SGX.

Jethro Beekman | Fortanix