the security whitelist of smc call Re: Devel Digest, Vol 124, Issue 1
Hi:
In our ARMv8 platform, we access the secure world not only from the VM guest OS, but also from native components, for example to configure the clk register.
In ARMv8 platform, SMC instructions are not allowed from EL0.
So in the camkes-vm project, I created a new smc capability and a new syscall as a temporary solution, like below:
"LIBSEL4_INLINE seL4_ARM_SMC_CallFunc_t seL4_ARM_SMC_CallFunc(seL4_ARM_SMC _service, seL4_Word function_id, seL4_Word arg0, seL4_Word arg1, seL4_Word arg2)"
But I did not pay much attention to security; it just meets our current work.
I did not really understand the essence of the kernel whitelist mentioned by "https://sel4.atlassian.net/browse/RFC-9". I have some questions below. I feel the smc cap should, like the schedcontrol cap, belong to every core.
1. What does the whitelist describe? sip command smc function id?
2. How are the members of the whitelist represented in the kernel? Check the invLabel of the syscall in the kernel if we provide one smc cap, not every function id? Or just check the range of function id?
3. Does each TCB have its own whitelist or does the entire system have a whitelist?
Thank you very much.
-----Original Message-----
From: devel-request@sel4.systems [mailto:devel-request@sel4.systems]
Sent: November 10, 2021 9:00
To: devel@sel4.systems
Subject: Devel Digest, Vol 124, Issue 1
Today's Topics:
1. RFC-9: new capability for seL4 SMC Forwarding on Arm
(Gerwin Klein)
----------------------------------------------------------------------
Message: 1
Date: Tue, 9 Nov 2021 21:52:58 +0000
From: Gerwin Klein
participants (1)
-
yadong.li