On Fri, Nov 13, 2020 at 12:01:21AM +0200, Jarkko Sakkinen wrote: > From: Sean Christopherson <[email protected]> > > Background > ========== > > 1. SGX enclave pages are populated with data by copying from normal memory > via ioctl() (SGX_IOC_ENCLAVE_ADD_PAGES), which will be added later in > this series. > 2. It is desirable to be able to restrict those normal memory data sources. > For instance, to ensure that the source data is executable before > copying data to an executable enclave page. > 3. Enclave page permissions are dynamic (just like normal permissions) and > can be adjusted at runtime with mprotect(). > > This creates a problem because the original data source may have long since > vanished at the time when enclave page permissions are established (mmap() > or mprotect()). > > The solution (elsewhere in this series) is to force enclaves creators to > declare their paging permission *intent* up front to the ioctl(). This > intent can be immediately compared to the source data???s mapping and > rejected if necessary. > > The ???intent??? is also stashed off for later comparison with enclave > PTEs. This ensures that any future mmap()/mprotect() operations > performed by the enclave creator or done on behalf of the enclave > can be compared with the earlier declared permissions. > > Problem > ======= > > There is an existing mmap() hook which allows SGX to perform this > permission comparison at mmap() time. However, there is no corresponding > ->mprotect() hook. > > Solution > ======== > > Add a vm_ops->mprotect() hook so that mprotect() operations which are > inconsistent with any page's stashed intent can be rejected by the driver. > > Cc: [email protected] > Cc: Andrew Morton <[email protected]> > Cc: Matthew Wilcox <[email protected]> > Cc: Mel Gorman <[email protected]> > Acked-by: Jethro Beekman <[email protected]> # v40 > Acked-by: Dave Hansen <[email protected]> # v40 > # Signed-off-by: Sean Christopherson <[email protected]> > Co-developed-by: Jarkko Sakkinen <[email protected]> > Signed-off-by: Jarkko Sakkinen <[email protected]>
Acked-by: Mel Gorman <[email protected]> -- Mel Gorman SUSE Labs
