[v32,12/21] x86/sgx: Add provisioning

Message ID	20200601075218.65618-13-jarkko.sakkinen@linux.intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=Np89=7O=vger.kernel.org=linux-sgx-owner@kernel.org> Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 67F51139A for <patchwork-linux-sgx@patchwork.kernel.org>; Mon, 1 Jun 2020 07:53:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 54AE620734 for <patchwork-linux-sgx@patchwork.kernel.org>; Mon, 1 Jun 2020 07:53:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728361AbgFAHxx (ORCPT <rfc822;patchwork-linux-sgx@patchwork.kernel.org>); Mon, 1 Jun 2020 03:53:53 -0400 Received: from mga18.intel.com ([134.134.136.126]:18060 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726072AbgFAHxw (ORCPT <rfc822;linux-sgx@vger.kernel.org>); Mon, 1 Jun 2020 03:53:52 -0400 IronPort-SDR: cnSeKL7G3xBrr+Wbiv08ZEtywbeJl4FaWhV+15SEwqhIuOZtv7h7hjfOO9SrKTlubySyV2oEIu b/tEdjjoj++Q== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Jun 2020 00:53:51 -0700 IronPort-SDR: 0PE5cPqWV8oME7RVn+QlVzPtVpHh7s15DtKCWdCz1v0s6sUBdohktHt2vIhCKlyWjN3D2FzH+h YN0tjOXiLZfg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,460,1583222400"; d="scan'208";a="311879675" Received: from yhanin-mobl1.ger.corp.intel.com (HELO localhost) ([10.249.43.17]) by FMSMGA003.fm.intel.com with ESMTP; 01 Jun 2020 00:53:44 -0700 From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-sgx@vger.kernel.org Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, linux-security-module@vger.kernel.org, Jethro Beekman <jethro@fortanix.com>, Andy Lutomirski <luto@kernel.org>, akpm@linux-foundation.org, andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de, cedric.xing@intel.com, chenalexchen@google.com, conradparker@google.com, cyhanish@google.com, dave.hansen@intel.com, haitao.huang@intel.com, josh@joshtriplett.org, kai.huang@intel.com, kai.svahn@intel.com, kmoy@google.com, ludloff@google.com, nhorman@redhat.com, npmccallum@redhat.com, puiterwijk@redhat.com, rientjes@google.com, sean.j.christopherson@intel.com, tglx@linutronix.de, yaozhangx@google.com Subject: [PATCH v32 12/21] x86/sgx: Add provisioning Date: Mon, 1 Jun 2020 10:52:09 +0300 Message-Id: <20200601075218.65618-13-jarkko.sakkinen@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200601075218.65618-1-jarkko.sakkinen@linux.intel.com> References: <20200601075218.65618-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=a Content-Transfer-Encoding: 8bit Sender: linux-sgx-owner@vger.kernel.org Precedence: bulk List-ID: <linux-sgx.vger.kernel.org> X-Mailing-List: linux-sgx@vger.kernel.org
Series	Intel SGX foundations \| expand [v32,00/21] Intel SGX foundations [v32,01/21] x86/cpufeatures: x86/msr: Add Intel SGX hardware bits [v32,02/21] x86/cpufeatures: x86/msr: Add Intel SGX Launch Control hardware bits [v32,03/21] x86/mm: x86/sgx: Signal SIGSEGV with PF_SGX [v32,04/21] x86/sgx: Add SGX microarchitectural data structures [v32,05/21] x86/sgx: Add wrappers for ENCLS leaf functions [v32,06/21] x86/cpu/intel: Detect SGX support [v32,07/21] x86/cpu/intel: Add nosgx kernel parameter [v32,08/21] x86/sgx: Initialize metadata for Enclave Page Cache (EPC) sections [v32,09/21] x86/sgx: Add __sgx_alloc_epc_page() and sgx_free_epc_page() [v32,10/21] mm: Introduce vm_ops->may_mprotect() [v32,11/21] x86/sgx: Linux Enclave Driver [v32,12/21] x86/sgx: Add provisioning [v32,13/21] x86/sgx: Add a page reclaimer [v32,14/21] x86/sgx: ptrace() support for the SGX driver [v32,15/21] x86/vdso: Add support for exception fixup in vDSO functions [v32,16/21] x86/fault: Add helper function to sanitize error code [v32,17/21] x86/traps: Attempt to fixup exceptions in vDSO before signaling [v32,18/21] x86/vdso: Implement a vDSO for Intel SGX enclave call [v32,19/21] selftests/x86: Add a selftest for SGX [v32,20/21] docs: x86/sgx: Document SGX micro architecture and kernel internals [v32,21/21] x86/sgx: Update MAINTAINERS

Message ID

20200601075218.65618-13-jarkko.sakkinen@linux.intel.com (mailing list archive)

State

New, archived

Headers

IronPort-SDR: 
 cnSeKL7G3xBrr+Wbiv08ZEtywbeJl4FaWhV+15SEwqhIuOZtv7h7hjfOO9SrKTlubySyV2oEIu
 b/tEdjjoj++Q==
IronPort-SDR: 
 0PE5cPqWV8oME7RVn+QlVzPtVpHh7s15DtKCWdCz1v0s6sUBdohktHt2vIhCKlyWjN3D2FzH+h
 YN0tjOXiLZfg==
From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: linux-kernel@vger.kernel.org, x86@kernel.org,
        linux-sgx@vger.kernel.org
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        linux-security-module@vger.kernel.org,
        Jethro Beekman <jethro@fortanix.com>,
        Andy Lutomirski <luto@kernel.org>, akpm@linux-foundation.org,
        andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de,
        cedric.xing@intel.com, chenalexchen@google.com,
        conradparker@google.com, cyhanish@google.com,
        dave.hansen@intel.com, haitao.huang@intel.com,
        josh@joshtriplett.org, kai.huang@intel.com, kai.svahn@intel.com,
        kmoy@google.com, ludloff@google.com, nhorman@redhat.com,
        npmccallum@redhat.com, puiterwijk@redhat.com, rientjes@google.com,
        sean.j.christopherson@intel.com, tglx@linutronix.de,
        yaozhangx@google.com
Subject: [PATCH v32 12/21] x86/sgx: Add provisioning
Date: Mon,  1 Jun 2020 10:52:09 +0300
Message-Id: <20200601075218.65618-13-jarkko.sakkinen@linux.intel.com>
In-Reply-To: <20200601075218.65618-1-jarkko.sakkinen@linux.intel.com>
References: <20200601075218.65618-1-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=a
Content-Transfer-Encoding: 8bit
Sender: linux-sgx-owner@vger.kernel.org
Precedence: bulk

Series

Intel SGX foundations | expand

Commit Message

Jarkko Sakkinen June 1, 2020, 7:52 a.m. UTC

In order to provide a mechanism for devilering provisoning rights:

1. Add a new device file /dev/sgx/provision that works as a token for
   allowing an enclave to have the provisioning privileges.
2. Add a new ioctl called SGX_IOC_ENCLAVE_SET_ATTRIBUTE that accepts the
   following data structure:

   struct sgx_enclave_set_attribute {
           __u64 addr;
           __u64 attribute_fd;
   };

A daemon could sit on top of /dev/sgx/provision and send a file
descriptor of this file to a process that needs to be able to provision
enclaves.

The way this API is used is straight-forward. Lets assume that dev_fd is
a handle to /dev/sgx/enclave and prov_fd is a handle to
/dev/sgx/provision.  You would allow SGX_IOC_ENCLAVE_CREATE to
initialize an enclave with the PROVISIONKEY attribute by

params.addr = <enclave address>;
params.token_fd = prov_fd;

ioctl(dev_fd, SGX_IOC_ENCLAVE_SET_ATTRIBUTE, &params);

Cc: linux-security-module@vger.kernel.org
Acked-by: Jethro Beekman <jethro@fortanix.com>
Suggested-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 arch/x86/include/uapi/asm/sgx.h  | 11 ++++++++
 arch/x86/kernel/cpu/sgx/driver.c | 14 ++++++++++
 arch/x86/kernel/cpu/sgx/driver.h |  2 ++
 arch/x86/kernel/cpu/sgx/ioctl.c  | 47 ++++++++++++++++++++++++++++++++
 4 files changed, 74 insertions(+)

Comments

Darren Kenny June 5, 2020, 8:09 p.m. UTC | #1

Hi Jarkko,

Just a couple of nits below...

On Monday, 2020-06-01 at 10:52:09 +03, Jarkko Sakkinen wrote:
> In order to provide a mechanism for devilering provisoning rights:

TYPO: s/devilering/delivering/?

>
> 1. Add a new device file /dev/sgx/provision that works as a token for
>    allowing an enclave to have the provisioning privileges.
> 2. Add a new ioctl called SGX_IOC_ENCLAVE_SET_ATTRIBUTE that accepts the
>    following data structure:
>
>    struct sgx_enclave_set_attribute {
>            __u64 addr;
>            __u64 attribute_fd;
>    };
>
> A daemon could sit on top of /dev/sgx/provision and send a file
> descriptor of this file to a process that needs to be able to provision
> enclaves.
>
> The way this API is used is straight-forward. Lets assume that dev_fd is
> a handle to /dev/sgx/enclave and prov_fd is a handle to
> /dev/sgx/provision.  You would allow SGX_IOC_ENCLAVE_CREATE to
> initialize an enclave with the PROVISIONKEY attribute by
>
> params.addr = <enclave address>;
> params.token_fd = prov_fd;
>
> ioctl(dev_fd, SGX_IOC_ENCLAVE_SET_ATTRIBUTE, &params);
>
> Cc: linux-security-module@vger.kernel.org
> Acked-by: Jethro Beekman <jethro@fortanix.com>
> Suggested-by: Andy Lutomirski <luto@kernel.org>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
>  arch/x86/include/uapi/asm/sgx.h  | 11 ++++++++
>  arch/x86/kernel/cpu/sgx/driver.c | 14 ++++++++++
>  arch/x86/kernel/cpu/sgx/driver.h |  2 ++
>  arch/x86/kernel/cpu/sgx/ioctl.c  | 47 ++++++++++++++++++++++++++++++++
>  4 files changed, 74 insertions(+)
>
> diff --git a/arch/x86/include/uapi/asm/sgx.h b/arch/x86/include/uapi/asm/sgx.h
> index 5edb08ab8fd0..57d0d30c79b3 100644
> --- a/arch/x86/include/uapi/asm/sgx.h
> +++ b/arch/x86/include/uapi/asm/sgx.h
> @@ -25,6 +25,8 @@ enum sgx_page_flags {
>  	_IOWR(SGX_MAGIC, 0x01, struct sgx_enclave_add_pages)
>  #define SGX_IOC_ENCLAVE_INIT \
>  	_IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
> +#define SGX_IOC_ENCLAVE_SET_ATTRIBUTE \
> +	_IOW(SGX_MAGIC, 0x03, struct sgx_enclave_set_attribute)
>  
>  /**
>   * struct sgx_enclave_create - parameter structure for the
> @@ -63,4 +65,13 @@ struct sgx_enclave_init {
>  	__u64 sigstruct;
>  };
>  
> +/**
> + * struct sgx_enclave_set_attribute - parameter structure for the
> + *				      %SGX_IOC_ENCLAVE_SET_ATTRIBUTE ioctl
> + * @attribute_fd:	file handle of the attribute file in the securityfs
> + */
> +struct sgx_enclave_set_attribute {
> +	__u64 attribute_fd;
> +};
> +
>  #endif /* _UAPI_ASM_X86_SGX_H */
> diff --git a/arch/x86/kernel/cpu/sgx/driver.c b/arch/x86/kernel/cpu/sgx/driver.c
> index b4aa7b9f8376..d90114cec1c3 100644
> --- a/arch/x86/kernel/cpu/sgx/driver.c
> +++ b/arch/x86/kernel/cpu/sgx/driver.c
> @@ -150,6 +150,13 @@ static struct miscdevice sgx_dev_enclave = {
>  	.fops = &sgx_encl_fops,
>  };
>  
> +static struct miscdevice sgx_dev_provision = {
> +	.minor = MISC_DYNAMIC_MINOR,
> +	.name = "provision",
> +	.nodename = "sgx/provision",
> +	.fops = &sgx_provision_fops,
> +};
> +
>  int __init sgx_drv_init(void)
>  {
>  	unsigned int eax, ebx, ecx, edx;
> @@ -190,5 +197,12 @@ int __init sgx_drv_init(void)
>  		return ret;
>  	}
>  
> +	ret = misc_register(&sgx_dev_provision);
> +	if (ret) {
> +		pr_err("Creating /dev/sgx/provision failed with %d.\n", ret);
> +		misc_deregister(&sgx_dev_enclave);
> +		return ret;
> +	}
> +
>  	return 0;
>  }
> diff --git a/arch/x86/kernel/cpu/sgx/driver.h b/arch/x86/kernel/cpu/sgx/driver.h
> index e4063923115b..72747d01c046 100644
> --- a/arch/x86/kernel/cpu/sgx/driver.h
> +++ b/arch/x86/kernel/cpu/sgx/driver.h
> @@ -23,6 +23,8 @@ extern u64 sgx_attributes_reserved_mask;
>  extern u64 sgx_xfrm_reserved_mask;
>  extern u32 sgx_xsave_size_tbl[64];
>  
> +extern const struct file_operations sgx_provision_fops;
> +
>  long sgx_ioctl(struct file *filep, unsigned int cmd, unsigned long arg);
>  
>  int sgx_drv_init(void);
> diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
> index 757cb9a4ae70..713bce437659 100644
> --- a/arch/x86/kernel/cpu/sgx/ioctl.c
> +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
> @@ -669,6 +669,50 @@ static long sgx_ioc_enclave_init(struct sgx_encl *encl, void __user *arg)
>  	return ret;
>  }
>  
> +/**
> + * sgx_ioc_enclave_set_attribute - handler for %SGX_IOC_ENCLAVE_SET_ATTRIBUTE
> + * @filep:	open file to /dev/sgx
> + * @arg:	userspace pointer to a struct sgx_enclave_set_attribute instance
> + *
> + * Mark the enclave as being allowed to access a restricted attribute bit.
> + * The requested attribute is specified via the attribute_fd field in the
> + * provided struct sgx_enclave_set_attribute.  The attribute_fd must be a
> + * handle to an SGX attribute file, e.g. €/dev/sgx/provision".

Maybe this should be simply a double-quote rather than the Unicode left
quote?

Thanks,

Darren.

> + *
> + * Failure to explicitly request access to a restricted attribute will cause
> + * sgx_ioc_enclave_init() to fail.  Currently, the only restricted attribute
> + * is access to the PROVISION_KEY.
> + *
> + * Note, access to the EINITTOKEN_KEY is disallowed entirely.
> + *
> + * Return: 0 on success, -errno otherwise
> + */
> +static long sgx_ioc_enclave_set_attribute(struct sgx_encl *encl,
> +					  void __user *arg)
> +{
> +	struct sgx_enclave_set_attribute params;
> +	struct file *attribute_file;
> +	int ret;
> +
> +	if (copy_from_user(&params, arg, sizeof(params)))
> +		return -EFAULT;
> +
> +	attribute_file = fget(params.attribute_fd);
> +	if (!attribute_file)
> +		return -EINVAL;
> +
> +	if (attribute_file->f_op != &sgx_provision_fops) {
> +		ret = -EINVAL;
> +		goto out;
> +	}
> +
> +	encl->allowed_attributes |= SGX_ATTR_PROVISIONKEY;
> +	ret = 0;
> +
> +out:
> +	fput(attribute_file);
> +	return ret;
> +}
>  
>  long sgx_ioctl(struct file *filep, unsigned int cmd, unsigned long arg)
>  {
> @@ -694,6 +738,9 @@ long sgx_ioctl(struct file *filep, unsigned int cmd, unsigned long arg)
>  	case SGX_IOC_ENCLAVE_INIT:
>  		ret = sgx_ioc_enclave_init(encl, (void __user *)arg);
>  		break;
> +	case SGX_IOC_ENCLAVE_SET_ATTRIBUTE:
> +		ret = sgx_ioc_enclave_set_attribute(encl, (void __user *)arg);
> +		break;
>  	default:
>  		ret = -ENOIOCTLCMD;
>  		break;

Jarkko Sakkinen June 16, 2020, 7:55 p.m. UTC | #2

On Fri, Jun 05, 2020 at 09:09:49PM +0100, Darren Kenny wrote:
> TYPO: s/devilering/delivering/?

I decided to rewrite the whole thing:

  x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation

  Provisioning Certification Enclave (PCE), the root of trust for other
  enclaves, generates a signing key from a fused key called Provisioning
  Certification Key. PCE can then use this key to certify an attestation key
  of a QE, e.g. we get the chain of trust down to the hardware if the Intel
  signed PCE is used.

  To use the needed keys, ATTRIBUTE.PROVISIONKEY is required but should be
  only allowed for those who actually need it so that only the trusted
  parties can certify QE's.

  Obviously the attestation service should know the public key of the used
  PCE and that way detect illegit attestation, but whitelisting the legit
  users still adds an additional layer of defence.

  Add new device file called /dev/sgx/provision. The sole purpose of this
  file is to provide file descriptors that act as privilege tokens to allow
  to build enclaves with ATTRIBUTE.PROVISIONKEY set. A new ioctl called
  SGX_IOC_ENCLAVE_SET_ATTRIBUTE is used to assign this token to an enclave.

> > + * sgx_ioc_enclave_set_attribute - handler for %SGX_IOC_ENCLAVE_SET_ATTRIBUTE
> > + * @filep:	open file to /dev/sgx
> > + * @arg:	userspace pointer to a struct sgx_enclave_set_attribute instance
> > + *
> > + * Mark the enclave as being allowed to access a restricted attribute bit.
> > + * The requested attribute is specified via the attribute_fd field in the
> > + * provided struct sgx_enclave_set_attribute.  The attribute_fd must be a
> > + * handle to an SGX attribute file, e.g. ?/dev/sgx/provision".
> 
> Maybe this should be simply a double-quote rather than the Unicode left
> quote?

Not sure how that got there but it is a mistake.

> Thanks,
> 
> Darren.

Thanks for the remarks.

/Jarkko

Jarkko Sakkinen June 16, 2020, 8:03 p.m. UTC | #3

On Tue, Jun 16, 2020 at 10:55:11PM +0300, Jarkko Sakkinen wrote:
> On Fri, Jun 05, 2020 at 09:09:49PM +0100, Darren Kenny wrote:
> > TYPO: s/devilering/delivering/?
> 
> I decided to rewrite the whole thing:
> 
>   x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation
> 
>   Provisioning Certification Enclave (PCE), the root of trust for other
>   enclaves, generates a signing key from a fused key called Provisioning
>   Certification Key. PCE can then use this key to certify an attestation key
>   of a QE, e.g. we get the chain of trust down to the hardware if the Intel
>   signed PCE is used.
> 
>   To use the needed keys, ATTRIBUTE.PROVISIONKEY is required but should be
>   only allowed for those who actually need it so that only the trusted
>   parties can certify QE's.
> 
>   Obviously the attestation service should know the public key of the used
>   PCE and that way detect illegit attestation, but whitelisting the legit
>   users still adds an additional layer of defence.
> 
>   Add new device file called /dev/sgx/provision. The sole purpose of this
>   file is to provide file descriptors that act as privilege tokens to allow
>   to build enclaves with ATTRIBUTE.PROVISIONKEY set. A new ioctl called
>   SGX_IOC_ENCLAVE_SET_ATTRIBUTE is used to assign this token to an enclave.

I also refined Documentation/x86/sgx.rst based on this in my tree [*].

[*] https://github.com/jsakkine-intel/linux-sgx.git

/Jarkko

diff --git a/arch/x86/include/uapi/asm/sgx.h b/arch/x86/include/uapi/asm/sgx.h
index 5edb08ab8fd0..57d0d30c79b3 100644
--- a/arch/x86/include/uapi/asm/sgx.h
+++ b/arch/x86/include/uapi/asm/sgx.h
@@ -25,6 +25,8 @@  enum sgx_page_flags {
 	_IOWR(SGX_MAGIC, 0x01, struct sgx_enclave_add_pages)
 #define SGX_IOC_ENCLAVE_INIT \
 	_IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
+#define SGX_IOC_ENCLAVE_SET_ATTRIBUTE \
+	_IOW(SGX_MAGIC, 0x03, struct sgx_enclave_set_attribute)
 
 /**
  * struct sgx_enclave_create - parameter structure for the
@@ -63,4 +65,13 @@  struct sgx_enclave_init {
 	__u64 sigstruct;
 };
 
+/**
+ * struct sgx_enclave_set_attribute - parameter structure for the
+ *				      %SGX_IOC_ENCLAVE_SET_ATTRIBUTE ioctl
+ * @attribute_fd:	file handle of the attribute file in the securityfs
+ */
+struct sgx_enclave_set_attribute {
+	__u64 attribute_fd;
+};
+
 #endif /* _UAPI_ASM_X86_SGX_H */
diff --git a/arch/x86/kernel/cpu/sgx/driver.c b/arch/x86/kernel/cpu/sgx/driver.c
index b4aa7b9f8376..d90114cec1c3 100644
--- a/arch/x86/kernel/cpu/sgx/driver.c
+++ b/arch/x86/kernel/cpu/sgx/driver.c
@@ -150,6 +150,13 @@  static struct miscdevice sgx_dev_enclave = {
 	.fops = &sgx_encl_fops,
 };
 
+static struct miscdevice sgx_dev_provision = {
+	.minor = MISC_DYNAMIC_MINOR,
+	.name = "provision",
+	.nodename = "sgx/provision",
+	.fops = &sgx_provision_fops,
+};
+
 int __init sgx_drv_init(void)
 {
 	unsigned int eax, ebx, ecx, edx;
@@ -190,5 +197,12 @@  int __init sgx_drv_init(void)
 		return ret;
 	}
 
+	ret = misc_register(&sgx_dev_provision);
+	if (ret) {
+		pr_err("Creating /dev/sgx/provision failed with %d.\n", ret);
+		misc_deregister(&sgx_dev_enclave);
+		return ret;
+	}
+
 	return 0;
 }
diff --git a/arch/x86/kernel/cpu/sgx/driver.h b/arch/x86/kernel/cpu/sgx/driver.h
index e4063923115b..72747d01c046 100644
--- a/arch/x86/kernel/cpu/sgx/driver.h
+++ b/arch/x86/kernel/cpu/sgx/driver.h
@@ -23,6 +23,8 @@  extern u64 sgx_attributes_reserved_mask;
 extern u64 sgx_xfrm_reserved_mask;
 extern u32 sgx_xsave_size_tbl[64];
 
+extern const struct file_operations sgx_provision_fops;
+
 long sgx_ioctl(struct file *filep, unsigned int cmd, unsigned long arg);
 
 int sgx_drv_init(void);
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
index 757cb9a4ae70..713bce437659 100644
--- a/arch/x86/kernel/cpu/sgx/ioctl.c
+++ b/arch/x86/kernel/cpu/sgx/ioctl.c
@@ -669,6 +669,50 @@  static long sgx_ioc_enclave_init(struct sgx_encl *encl, void __user *arg)
 	return ret;
 }
 
+/**
+ * sgx_ioc_enclave_set_attribute - handler for %SGX_IOC_ENCLAVE_SET_ATTRIBUTE
+ * @filep:	open file to /dev/sgx
+ * @arg:	userspace pointer to a struct sgx_enclave_set_attribute instance
+ *
+ * Mark the enclave as being allowed to access a restricted attribute bit.
+ * The requested attribute is specified via the attribute_fd field in the
+ * provided struct sgx_enclave_set_attribute.  The attribute_fd must be a
+ * handle to an SGX attribute file, e.g. “/dev/sgx/provision".
+ *
+ * Failure to explicitly request access to a restricted attribute will cause
+ * sgx_ioc_enclave_init() to fail.  Currently, the only restricted attribute
+ * is access to the PROVISION_KEY.
+ *
+ * Note, access to the EINITTOKEN_KEY is disallowed entirely.
+ *
+ * Return: 0 on success, -errno otherwise
+ */
+static long sgx_ioc_enclave_set_attribute(struct sgx_encl *encl,
+					  void __user *arg)
+{
+	struct sgx_enclave_set_attribute params;
+	struct file *attribute_file;
+	int ret;
+
+	if (copy_from_user(&params, arg, sizeof(params)))
+		return -EFAULT;
+
+	attribute_file = fget(params.attribute_fd);
+	if (!attribute_file)
+		return -EINVAL;
+
+	if (attribute_file->f_op != &sgx_provision_fops) {
+		ret = -EINVAL;
+		goto out;
+	}
+
+	encl->allowed_attributes |= SGX_ATTR_PROVISIONKEY;
+	ret = 0;
+
+out:
+	fput(attribute_file);
+	return ret;
+}
 
 long sgx_ioctl(struct file *filep, unsigned int cmd, unsigned long arg)
 {
@@ -694,6 +738,9 @@  long sgx_ioctl(struct file *filep, unsigned int cmd, unsigned long arg)
 	case SGX_IOC_ENCLAVE_INIT:
 		ret = sgx_ioc_enclave_init(encl, (void __user *)arg);
 		break;
+	case SGX_IOC_ENCLAVE_SET_ATTRIBUTE:
+		ret = sgx_ioc_enclave_set_attribute(encl, (void __user *)arg);
+		break;
 	default:
 		ret = -ENOIOCTLCMD;
 		break;

[v32,12/21] x86/sgx: Add provisioning

Commit Message

Comments

Patch