Re: x86/sgx: uapi change proposal

From: Jarkko Sakkinen
Date: Thu Jan 10 2019 - 12:46:03 EST

Next message: Sylwester Nawrocki: "Re: [PATCH 4/4] dt-bindings: mfd: max8998: Add charger subnode binding"
Previous message: Mathieu Desnoyers: "Perf: event wakeup discards sched_waking events"
In reply to: Sean Christopherson: "Re: x86/sgx: uapi change proposal"
Next in thread: Andy Lutomirski: "Re: x86/sgx: uapi change proposal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jan 08, 2019 at 02:54:11PM -0800, Andy Lutomirski wrote:
> I do think it makes sense to have QEMU delegate the various ENCLS
> operations (especially EINIT) to the regular SGX interface, which will
> mean that VM guests will have exactly the same access controls applied
> as regular user programs, which is probably what we want. If so,
> there will need to be a way to get INITTOKEN privilege for the purpose
> of running non-Linux OSes in the VM, which isn't the end of the world.
> We might still want the actual ioctl to do EINIT using an actual
> explicit token to be somehow restricted in a way that strongly
> discourages its use by anything other than a hypervisor. Or I suppose
> we could just straight-up ignore the guest-provided init token.

Does it even matter if just leave EINITTOKENKEY attribute unprivileged
given that Linux requires that MSRs are writable? Maybe I'll just
whitelist that attribute to any enclave?

/Jarkko

Next message: Sylwester Nawrocki: "Re: [PATCH 4/4] dt-bindings: mfd: max8998: Add charger subnode binding"
Previous message: Mathieu Desnoyers: "Perf: event wakeup discards sched_waking events"
In reply to: Sean Christopherson: "Re: x86/sgx: uapi change proposal"
Next in thread: Andy Lutomirski: "Re: x86/sgx: uapi change proposal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]