Re: [PATCH 03/25] x86/sgx: Support VMA permissions exceeding enclave permissions

From: Jarkko Sakkinen
Date: Sat Dec 11 2021 - 00:40:03 EST

Next message: JeffleXu: "Re: [Linux-cachefs] [RFC 09/19] netfs: refactor netfs_rreq_unlock()"
Previous message: Miaoqian Lin: "[PATCH] perf tools: Fix NULL vs IS_ERR_OR_NULL() checking"
Next in thread: Reinette Chatre: "Re: [PATCH 03/25] x86/sgx: Support VMA permissions exceeding enclave permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2021-12-06 at 13:16 -0800, Reinette Chatre wrote:
> Hi Jarkko,
>
> On 12/4/2021 2:27 PM, Jarkko Sakkinen wrote:
> > On Sun, Dec 05, 2021 at 12:25:59AM +0200, Jarkko Sakkinen wrote:
> > > On Wed, Dec 01, 2021 at 11:23:01AM -0800, Reinette Chatre wrote:
> > > > === Summary ===
> > > >
> > > > An SGX VMA can only be created if its permissions are the same or
> > > > weaker than the Enclave Page Cache Map (EPCM) permissions. After VMA
> > > > creation this rule continues to be enforced by the page fault handler.
> > > >
> > > > With SGX2 the EPCM permissions of a page can change after VMA
> > > > creation resulting in the VMA exceeding the EPCM permissions and the
> > > > page fault handler incorrectly blocking access.
> > > >
> > > > Enable the VMA's pages to remain accessible while ensuring that
> > > > the page table entries are installed to match the EPCM permissions
> > > > without exceeding the VMA perms issions.
> > >
> > > I don't understand what the short summary means in English, and the
> > > commit message is way too bloated to make any conclusions. It really
> > > needs a rewrite.
> > >
> > > These were the questions I could not find answer for:
> > >
> > > 1. Why it would be by any means safe to remove a permission check?
>
> The permission check is redundant for SGX1 and incorrect for SGX2.
>
> In the current SGX1 implementation the permission check in
> sgx_encl_load_page() is redundant because an SGX VMA can only be created
> if its permissions are the same or weaker than the EPCM permissions.
>
> In SGX2 a user is able to change EPCM permissions during runtime (while
> VMA has the memory mapped). A RW VMA may thus originally have mapped an
> enclave page with RW EPCM permissions but since then the enclave page
> may have its permissions changed to read-only. The VMA should still be
> able to read those enclave pages but the check in sgx_encl_load_page()
> will prevent that.
>
> > > 2. Why not re-issuing mmap()'s is unfeasible? I.e. close existing
> > > VMA's and mmap() new ones.
>
> User is not prevented from closing existing VMAs and creating new ones.
>
> > 3. Isn't this an API/ABI break?
>
> Could you please elaborate where you see the API/ABI break? The rule
> that new VMAs cannot exceed EPCM permissions is untouched.
>
> Reinette

I just don't understand the description. There's a whole bunch of text
but

It does not discuss what the patch does in low-level detail what the
patch does, e.g. the use of vm_insert_pfn_prot(). I honestly do not
get the story here...

/Jarkko

Next message: JeffleXu: "Re: [Linux-cachefs] [RFC 09/19] netfs: refactor netfs_rreq_unlock()"
Previous message: Miaoqian Lin: "[PATCH] perf tools: Fix NULL vs IS_ERR_OR_NULL() checking"
Next in thread: Reinette Chatre: "Re: [PATCH 03/25] x86/sgx: Support VMA permissions exceeding enclave permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]