[seL4] the security whiltelist of smc call 答复: Devel Digest, Vol 124, Issue 1

[yadong . li]

Hi:

        In our ARMv8 platform，we access secure world not only from the VM guest 
OS， but also form native compont  like config clk register

        In ARMv8 platform, SMC instructions are not allowed from EL0.

    So in camkes-vm project, I create a new smc capability and a new syscall as 
a temporary solution, like below:

        "LIBSEL4_INLINE seL4_ARM_SMC_CallFunc_t 
seL4_ARM_SMC_CallFunc(seL4_ARM_SMC _service,  seL4_Word function_id, seL4_Word 
arg0,  seL4_Word arg1, seL4_Word arg2)"

    But I did not pay much attention to security, it is just meet our current 
work.

        I didnot really understand the essence of kernel whitelist mentioned by 
"https://sel4.atlassian.net/browse/RFC-9";? I have some question below, I feel 
the smc cap should like schedcontrol cap belong every core.

        1. what is the whiltelist describe ? sip command smc function id?

    2. how are the members of whilelist represented in the kernel , check the 
invLabel of syscall in kernel if we provide one smc cap not every function id? 
or just check the range of function id ?

     3. Does each TCB have its own whitelist or does the entire system have a 
whitelist?

                                                                                
                     thank you very much.



-----邮件原件-----

发件人: devel-request@sel4.systems [mailto:devel-request@sel4.systems]

发送时间: 2021年11月10日 9:00

收件人: devel@sel4.systems

主题: Devel Digest, Vol 124, Issue 1



Send Devel mailing list submissions to

        devel@sel4.systems



To subscribe or unsubscribe via email, send a message with subject or body 
'help' to

        devel-request@sel4.systems



You can reach the person managing the list at

        devel-owner@sel4.systems



When replying, please edit your Subject line so it is more specific than "Re: 
Contents of Devel digest..."



Today's Topics:



   1. RFC-9: new capability for seL4 SMC Forwarding  on Arm

      (Gerwin Klein)





----------------------------------------------------------------------



Message: 1

Date: Tue, 9 Nov 2021 21:52:58 +0000

From: Gerwin Klein <kle...@unsw.edu.au>

Subject: [seL4] RFC-9: new capability for seL4 SMC Forwarding  on Arm

To: devel <devel@sel4.systems>

Message-ID: <613858ac-3db1-4d7c-a892-9abdb5b31...@unsw.edu.au>

Content-Type: text/plain; charset="utf-8"



I’d like to solicit discussion on the new RFC on forwarding Secure Monitor 
Calls on Arm:

https://sel4.atlassian.net/browse/RFC-9



Relevant Arm documentation (SMC calling conventions):

https://developer.arm.com/documentation/den0028/latest?_ga=2.116565828.390371079.1616755184-1989679030.1616755184



Any opinions, concerns, alternative designs?



Cheers,

Gerwin





------------------------------



Subject: Digest Footer



_______________________________________________

Devel mailing list -- devel@sel4.systems To unsubscribe send an email to 
devel-leave@sel4.systems





------------------------------



End of Devel Digest, Vol 124, Issue 1

*************************************

_______________________________________________
Devel mailing list -- devel@sel4.systems
To unsubscribe send an email to devel-leave@sel4.systems