Re: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-12 Thread Jarkko Sakkinen
On Mon, Jun 10, 2019 at 11:17:44AM -0700, Sean Christopherson wrote: > On Mon, Jun 10, 2019 at 08:45:06PM +0300, Jarkko Sakkinen wrote: > > On Mon, Jun 10, 2019 at 09:15:33AM -0700, Sean Christopherson wrote: > > > > 'flags' should be renamed as 'secinfo_flags_mask' even if the name is > > > >

RE: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-12 Thread Xing, Cedric
> From: Christopherson, Sean J > Sent: Wednesday, June 12, 2019 7:34 AM > > On Tue, Jun 11, 2019 at 05:09:28PM -0700, Andy Lutomirski wrote: > > > > On Jun 10, 2019, at 3:28 PM, Xing, Cedric > wrote: > > > > >> From: Andy Lutomirski [mailto:l...@kernel.org] > > >> Sent: Monday, June 10, 2019

Re: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-12 Thread Sean Christopherson
On Tue, Jun 11, 2019 at 05:09:28PM -0700, Andy Lutomirski wrote: > > On Jun 10, 2019, at 3:28 PM, Xing, Cedric wrote: > > >> From: Andy Lutomirski [mailto:l...@kernel.org] > >> Sent: Monday, June 10, 2019 12:15 PM > >> This seems like an odd workflow. Shouldn't the #PF return back to > >>

Re: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-11 Thread Andy Lutomirski
On Jun 10, 2019, at 3:28 PM, Xing, Cedric wrote: >> From: Andy Lutomirski [mailto:l...@kernel.org] >> Sent: Monday, June 10, 2019 12:15 PM >> >> On Mon, Jun 10, 2019 at 11:29 AM Xing, Cedric >> wrote: >>> From: Christopherson, Sean J Sent: Wednesday, June 05, 2019 7:12 PM

RE: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-10 Thread Xing, Cedric
> From: Andy Lutomirski [mailto:l...@kernel.org] > Sent: Monday, June 10, 2019 12:15 PM > > On Mon, Jun 10, 2019 at 11:29 AM Xing, Cedric > wrote: > > > > > From: Christopherson, Sean J > > > Sent: Wednesday, June 05, 2019 7:12 PM > > > > > > +/** > > > + * sgx_map_allowed - check vma

Re: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-10 Thread Andy Lutomirski
On Mon, Jun 10, 2019 at 11:29 AM Xing, Cedric wrote: > > > From: Christopherson, Sean J > > Sent: Wednesday, June 05, 2019 7:12 PM > > > > +/** > > + * sgx_map_allowed - check vma protections against the associated > > enclave page > > + * @encl:an enclave > > + * @start: start address of

RE: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-10 Thread Xing, Cedric
> From: Christopherson, Sean J > Sent: Wednesday, June 05, 2019 7:12 PM > > +/** > + * sgx_map_allowed - check vma protections against the associated > enclave page > + * @encl:an enclave > + * @start: start address of the mapping (inclusive) > + * @end: end address of the mapping

Re: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-10 Thread Sean Christopherson
On Mon, Jun 10, 2019 at 08:45:06PM +0300, Jarkko Sakkinen wrote: > On Mon, Jun 10, 2019 at 09:15:33AM -0700, Sean Christopherson wrote: > > > 'flags' should be renamed as 'secinfo_flags_mask' even if the name is > > > longish. It would use the same values as the SECINFO flags. The field in > >

Re: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-10 Thread Jarkko Sakkinen
On Mon, Jun 10, 2019 at 09:15:33AM -0700, Sean Christopherson wrote: > > 'flags' should be renamed as 'secinfo_flags_mask' even if the name is > > longish. It would use the same values as the SECINFO flags. The field in > > struct sgx_encl_page should have the same name. That would express > >

Re: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-10 Thread Sean Christopherson
On Mon, Jun 10, 2019 at 06:27:17PM +0300, Jarkko Sakkinen wrote: > On Wed, Jun 05, 2019 at 07:11:42PM -0700, Sean Christopherson wrote: > > [SNAP] > > Same general criticism as for the previous patch: try to say things as > they are without anything extra. > > > A third alternative would be to

Re: [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-10 Thread Jarkko Sakkinen
On Wed, Jun 05, 2019 at 07:11:42PM -0700, Sean Christopherson wrote: > [SNAP] Same general criticism as for the previous patch: try to say things as they are without anything extra. > A third alternative would be to pull the protection bits from the page's > SECINFO, i.e. make decisions based on

[RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits

2019-06-05 Thread Sean Christopherson
Existing Linux Security Module policies restrict userspace's ability to map memory, e.g. may require privileged permissions to map a page that is simultaneously writable and executable. Said permissions are often tied to the file which backs the mapped memory, i.e. vm_file. For reasons explained