diff mbox

[intel-sgx-kernel-dev,v9,06/10] intel_sgx: kill the enclave when any of its VMAs are closed

Message ID 2EFE7EC26817864D8C91BD43A5737DD4533BE5E8@fmsmsx118.amr.corp.intel.com (mailing list archive)
State New, archived
Headers show

Commit Message

Huang, Haitao Dec. 15, 2016, 4:13 p.m. UTC 
Just wonder if this will be an issue for SGX2.0 where we may trim some pages after being loaded during enclave life. I haven't looked at SGX2 branch for a while and not sure we cause VMA closes. Just throw out here for team to discuss.
Haitao

-----Original Message-----
From: intel-sgx-kernel-dev [mailto:intel-sgx-kernel-dev-bounces@lists.01.org] On Behalf Of Jarkko Sakkinen
Sent: Thursday, December 15, 2016 8:50 AM
To: intel-sgx-kernel-dev@lists.01.org
Subject: [intel-sgx-kernel-dev] [PATCH v9 06/10] intel_sgx: kill the enclave when any of its VMAs are closed

ELRANGE protects from non-enclave access but still closing any of the VMAs leaves the enclave and remaining VMAs to a state that is not wanted for any legit application using enclaves. Therefore it is in this situation advisable to kill the whole enclave.

One could also consider hardening the vma_open callback in a way that it would also kill the enclave if any new VMAs areis created after the first EADD or in the corner case after the first EINIT (if enclave does only have the SECS page).

This makes sense because you could enforce that EPCM entries and PTEs stay in sync, which is a good property. However, most of the time you want to implement a relocator for the user space that runs inside the enclave because the ELRANGE position varies based on which address
mmap() gives. Since the enclave code is signed and measured the relocation can only happen after EINIT.

That's why we will not do such enforcement. The ramifications of this are not too bad. In the worst case you could end up crashing your user space process in a safe way (#GP due to EPCM/PTE mismatch).

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/platform/x86/intel_sgx.h       |  2 +-
 drivers/platform/x86/intel_sgx_ioctl.c | 10 ++++----  drivers/platform/x86/intel_sgx_util.c  | 13 ++++------
 drivers/platform/x86/intel_sgx_vma.c   | 43 ++++++++++++++--------------------
 4 files changed, 30 insertions(+), 38 deletions(-)

 
-	if (!encl->vma_cnt) {
+	if (encl->flags & SGX_ENCL_DEAD) {
 		entry = ERR_PTR(-EFAULT);
 		goto out;
 	}
@@ -370,7 +363,7 @@ static int sgx_vma_access(struct vm_area_struct *vma, unsigned long addr,
 
 	if (!(encl->flags & SGX_ENCL_DEBUG) ||
 	    !(encl->flags & SGX_ENCL_INITIALIZED) ||
-	    (encl->flags & SGX_ENCL_SUSPEND))
+	    (encl->flags & SGX_ENCL_DEAD))
 		return -EFAULT;
 
 	sgx_dbg(encl, "%s addr=0x%lx, len=%d\n", op_str, addr, len);
--
2.9.3

Comments

Jarkko Sakkinen Dec. 15, 2016, 5:06 p.m. UTC | #1 
On Thu, Dec 15, 2016 at 04:13:48PM +0000, Huang, Haitao wrote:
> Just wonder if this will be an issue for SGX2.0 where we may trim some
> pages after being loaded during enclave life. I haven't looked at SGX2
> branch for a while and not sure we cause VMA closes. Just throw out
> here for team to discuss.

There has never been any branch named 'SGX2'.

The only way you can emit the close callback is by explicitly calling
munmap system call or by exiting whole process thereby destructing the
mm struct.

> Haitao

/Jarkko
diff mbox

Patch

diff --git a/drivers/platform/x86/intel_sgx.h b/drivers/platform/x86/intel_sgx.h
index 464763d..018cd03 100644
--- a/drivers/platform/x86/intel_sgx.h
+++ b/drivers/platform/x86/intel_sgx.h
@@ -130,12 +130,12 @@  enum sgx_encl_flags {
 	SGX_ENCL_DEBUG		= BIT(1),
 	SGX_ENCL_SECS_EVICTED	= BIT(2),
 	SGX_ENCL_SUSPEND	= BIT(3),
+	SGX_ENCL_DEAD		= BIT(4),
 };
 
 struct sgx_encl {
 	unsigned int flags;
 	unsigned int secs_child_cnt;
-	unsigned int vma_cnt;
 	struct mutex lock;
 	struct task_struct *owner;
 	struct mm_struct *mm;
diff --git a/drivers/platform/x86/intel_sgx_ioctl.c b/drivers/platform/x86/intel_sgx_ioctl.c
index b377200..d0113b0 100644
--- a/drivers/platform/x86/intel_sgx_ioctl.c
+++ b/drivers/platform/x86/intel_sgx_ioctl.c
@@ -255,7 +255,10 @@  static bool sgx_process_add_page_req(struct sgx_add_page_req *req)
 
 	mutex_lock(&encl->lock);
 
-	if (!encl->vma_cnt || sgx_find_encl(encl->mm, encl_page->addr, &vma))
+	if (encl->flags & SGX_ENCL_DEAD)
+		goto out;
+
+	if (sgx_find_encl(encl->mm, encl_page->addr, &vma))
 		goto out;
 
 	backing = sgx_get_backing(encl, encl_page); @@ -317,7 +320,7 @@ static void sgx_add_page_worker(struct work_struct *work)
 	do {
 		schedule();
 
-		if (encl->flags & SGX_ENCL_SUSPEND)
+		if (encl->flags & SGX_ENCL_DEAD)
 			skip_rest = true;
 
 		mutex_lock(&encl->lock);
@@ -578,7 +581,6 @@  static long sgx_ioc_enclave_create(struct file *filep, unsigned int cmd,
 		up_read(&current->mm->mmap_sem);
 		goto out;
 	}
-	encl->vma_cnt++;
 	vma->vm_private_data = encl;
 	up_read(&current->mm->mmap_sem);
 
@@ -682,7 +684,7 @@  static int __encl_add_page(struct sgx_encl *encl,
 
 	mutex_lock(&encl->lock);
 
-	if (encl->flags & SGX_ENCL_INITIALIZED) {
+	if (encl->flags & (SGX_ENCL_INITIALIZED | SGX_ENCL_DEAD)) {
 		ret = -EINVAL;
 		goto out;
 	}
diff --git a/drivers/platform/x86/intel_sgx_util.c b/drivers/platform/x86/intel_sgx_util.c
index 3878d9a..d5238c2 100644
--- a/drivers/platform/x86/intel_sgx_util.c
+++ b/drivers/platform/x86/intel_sgx_util.c
@@ -135,21 +135,18 @@  void sgx_zap_tcs_ptes(struct sgx_encl *encl, struct vm_area_struct *vma)
 
 bool sgx_pin_mm(struct sgx_encl *encl)
 {
-	if (encl->flags & SGX_ENCL_SUSPEND)
-		return false;
-
 	mutex_lock(&encl->lock);
-	if (encl->vma_cnt) {
-		atomic_inc(&encl->mm->mm_count);
-	} else {
+	if (encl->flags & SGX_ENCL_DEAD) {
 		mutex_unlock(&encl->lock);
 		return false;
 	}
+
+	atomic_inc(&encl->mm->mm_count);
 	mutex_unlock(&encl->lock);
 
 	down_read(&encl->mm->mmap_sem);
 
-	if (!encl->vma_cnt) {
+	if (encl->flags & SGX_ENCL_DEAD) {
 		sgx_unpin_mm(encl);
 		return false;
 	}
@@ -177,7 +174,7 @@  void sgx_invalidate(struct sgx_encl *encl)
 			break;
 	}
 
-	encl->vma_cnt = 0;
+	encl->flags |= SGX_ENCL_DEAD;
 }
 
 int sgx_find_encl(struct mm_struct *mm, unsigned long addr, diff --git a/drivers/platform/x86/intel_sgx_vma.c b/drivers/platform/x86/intel_sgx_vma.c
index 0649978..f848fd1 100644
--- a/drivers/platform/x86/intel_sgx_vma.c
+++ b/drivers/platform/x86/intel_sgx_vma.c
@@ -70,48 +70,41 @@ 
 
 static void sgx_vma_open(struct vm_area_struct *vma)  {
-	struct sgx_encl *encl;
-
-	/* Was vm_private_data nullified as a result of the previous fork? */
-	encl = vma->vm_private_data;
-	if (!encl)
-		goto out_fork;
+	struct sgx_encl *encl = vma->vm_private_data;
 
-	/* Was the process forked? mm_struct changes when the process is
-	 * forked.
+	/* When forking for the second time vm_private_data is already set to
+	 * NULL.
 	 */
+	if (!encl) {
+		zap_vma_ptes(vma, vma->vm_start, vma->vm_end - vma->vm_start);
+		return;
+	}
+
+	/* Invalidate enclave when the process has been forked. */
 	mutex_lock(&encl->lock);
 	if (encl->mm != vma->vm_mm) {
-		mutex_unlock(&encl->lock);
-		goto out_fork;
+		sgx_invalidate(encl);
+		vma->vm_private_data = NULL;
 	}
-	encl->vma_cnt++;
 	mutex_unlock(&encl->lock);
 
-	kref_get(&encl->refcount);
-	return;
-out_fork:
-	zap_vma_ptes(vma, vma->vm_start, vma->vm_end - vma->vm_start);
-	vma->vm_private_data = NULL;
+	if (vma->vm_private_data)
+		kref_get(&encl->refcount);
 }
 
 static void sgx_vma_close(struct vm_area_struct *vma)  {
 	struct sgx_encl *encl = vma->vm_private_data;
 
-	/* If process was forked, VMA is still there but
-	 * vm_private_data is set to NULL.
+	/* When forking for the second time vm_private_data is already set to
+	 * NULL.
 	 */
 	if (!encl)
 		return;
 
 	mutex_lock(&encl->lock);
-	encl->vma_cnt--;
-	vma->vm_private_data = NULL;
-
-	sgx_zap_tcs_ptes(encl, vma);
 	zap_vma_ptes(vma, vma->vm_start, vma->vm_end - vma->vm_start);
-
+	encl->flags |= SGX_ENCL_DEAD;
 	mutex_unlock(&encl->lock);
 
 	kref_put(&encl->refcount, sgx_encl_release); @@ -187,7 +180,7 @@ static struct sgx_encl_page *sgx_vma_do_fault(struct vm_area_struct *vma,
 
 	mutex_lock(&encl->lock);