From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AA29BC74A36 for ; Wed, 10 Jul 2019 22:16:44 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 8365221019 for ; Wed, 10 Jul 2019 22:16:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727681AbfGJWQn (ORCPT ); Wed, 10 Jul 2019 18:16:43 -0400 Received: from mga11.intel.com ([192.55.52.93]:57323 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726245AbfGJWQn (ORCPT ); Wed, 10 Jul 2019 18:16:43 -0400 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 10 Jul 2019 15:16:42 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.63,476,1557212400"; d="scan'208";a="364619917" Received: from teutenbb-mobl1.ger.corp.intel.com (HELO localhost) ([10.252.50.108]) by fmsmga005.fm.intel.com with ESMTP; 10 Jul 2019 15:16:39 -0700 Date: Thu, 11 Jul 2019 01:16:38 +0300 From: Jarkko Sakkinen To: Sean Christopherson Cc: linux-sgx@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, Bill Roberts , Casey Schaufler , James Morris , Dave Hansen , Cedric Xing , Andy Lutomirski , Jethro Beekman , "Dr . Greg Wettstein" , Stephen Smalley Subject: Re: [RFC PATCH v4 00/12] security: x86/sgx: SGX vs. LSM Message-ID: <20190710221638.bwnwtcozpv44ojdg@linux.intel.com> References: <20190619222401.14942-1-sean.j.christopherson@intel.com> <20190705160549.tzsck5ho5kvtdhit@linux.intel.com> <20190708172930.GA20791@linux.intel.com> <20190709162203.gzyvulah5u7eksip@linux.intel.com> <20190709170917.GD25369@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190709170917.GD25369@linux.intel.com> Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo User-Agent: NeoMutt/20180716 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Just some questions on these. On Tue, Jul 09, 2019 at 10:09:17AM -0700, Sean Christopherson wrote: > - FILE__ENCLAVE_EXECUTE: equivalent to FILE__EXECUTE, required to gain X > on an enclave page loaded from a regular file One thing that I have hard time to perceive is that whether the process or the target object has them. So would this be in the files extended attribute or does process need to possess this or both? > - PROCESS2__ENCLAVE_EXECDIRTY: hybrid of EXECMOD and EXECUTE+WRITE, > required to gain W->X on an enclave page Still puzzling with EXECMOD given that how it is documented in https://selinuxproject.org/page/ObjectClassesPerms. If anything in that document is out of date, would be nice if it was updated. > - PROCESS2__ENCLAVE_EXECANON: subset of EXECMEM, required to gain X on > an enclave page that is loaded from an > anonymous mapping > > - PROCESS2__ENCLAVE_MAPWX: subset of EXECMEM, required to gain WX on an > enclave page I guess these three belong to the process and are not attached to file. How in SELinux anyway process in the first place acquires any SELinux permissions? I guess getty or whatever login process can set its perms before setuid() et al somehow (I don't know how) because they run as root? /Jarkko