Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions

From: Sasha Levin
Date: Sun May 24 2020 - 17:20:05 EST

Next message: Pavel Machek: "Re: [PATCH v29 00/20] Intel SGX foundations"
Previous message: Sasha Levin: "Re: [GIT PULL] Driver core fixes for 5.7-rc7 - take 2"
In reply to: hpa: "Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Next in thread: hpa: "Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, May 24, 2020 at 12:45:18PM -0700, hpa@xxxxxxxxx wrote:

There are legitimate reasons to write a root-hole module, the main one being able to test security features like SMAP. I have requested before a TAINT flag specifically for this purpose, because TAINT_CRAP is nowhere near explicit enough, and is also used for staging drivers. Call it TAINT_TOXIC or TAINT_ROOTHOLE; it should always be accompanied with a CRIT level alert.

What I don't like about our current system of TAINT_* flags is that
while we can improve it as much as we want, no one outside of the kernel
tree seems to be using it. While Thomas may have been commenting on
Graphene's behaviour, look at any other code that did the same thing:

- Graphene: https://github.com/oscarlab/graphene-sgx-driver/blob/master/gsgx.c
- Occlum: https://github.com/occlum/enable_rdfsbase/blob/master/enable_rdfsbase.c
- SGX-LKL: https://github.com/lsds/sgx-lkl/blob/master/tools/kmod-set-fsgsbase/mod_set_cr4_fsgsbase.c

None of which set even the CRAP flag.

--
Thanks,
Sasha

Next message: Pavel Machek: "Re: [PATCH v29 00/20] Intel SGX foundations"
Previous message: Sasha Levin: "Re: [GIT PULL] Driver core fixes for 5.7-rc7 - take 2"
In reply to: hpa: "Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Next in thread: hpa: "Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]