Re: x86/sgx: uapi change proposal
From: Jarkko Sakkinen
Date: Fri Jan 11 2019 - 11:08:10 EST
On Thu, Jan 10, 2019 at 01:36:15PM -0800, Andy Lutomirski wrote:
> > Does it even matter if just leave EINITTOKENKEY attribute unprivileged
> > given that Linux requires that MSRs are writable? Maybe I'll just
> > whitelist that attribute to any enclave?
> >
>
> I would at least make it work like the PROVISIONKEY bit (or whatever
> it's called). Or just deny it at first. It's easy to start allowing
> it if we need to down the road, but it's harder to start denying it.
I think that would be a great idea to add another file to securityfs
for this. Would fit perfectly to your "systemd privilege sharing"
daemon example. Here consistency would be really nice.
/Jarkko