Re: [PATCH v12 00/18] Enable FSGSBASE instructions

[Jarkko Sakkinen]

On Tue, May 19, 2020 at 01:03:25AM +0200, Thomas Gleixner wrote:
> Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> writes:
> > On Mon, 2020-05-18 at 08:34 -0700, Andi Kleen wrote:
> >> > Yes, for SGX this is functional feature because enclave entry points,
> >> > thread control structures (aka TCS's), reset FSBASE and GSBASE registers
> >> > to fixed (albeit user defined) values. And syscall's can be done only
> >> > outside of enclave.
> >> > 
> >> > This is a required feature for fancier runtimes (such as Graphene).
> >> 
> >> Can you please explain a bit more? What do they need GS for?
> >
> > Apparently, uses only wrfsbase:
> >
> > https://raw.githubusercontent.com/oscarlab/graphene/master/Pal/src/host/Linux-SGX/db_misc.c
> >
> > I'm not too familiar with the codebase yet but by reading some research
> > papers in the past the idea is to multiplex one TCS for multiple virtual
> > threads inside the enclave.
> >
> > E.g. TCS could represent a vcpu for a libos type of container and on
> > entry would pick on a thread and set fsbase accordingly for a thread
> > control block.
> 
> That justifies to write books which recommend to load a kernel module
> which creates a full unpriviledged root hole. I bet none of these papers
> ever mentioned that.

Fully agree that oot lkm for this is a worst idea ever.

That's why I want to help with this.

/Jarkko