Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix aesmd not starting if /dev is mounted as noexec #515

Closed
wants to merge 1 commit into from
Closed

Fix aesmd not starting if /dev is mounted as noexec #515

wants to merge 1 commit into from

Conversation

assafmo
Copy link

@assafmo assafmo commented Mar 22, 2020

@assafmo assafmo mentioned this pull request Mar 22, 2020
Closed
@assafmo
Copy link
Author

assafmo commented Mar 23, 2020
edited
Loading

So actually this didn't work for me. Instead of using ExecStartPre I had to create a startup script especially for remounting /dev as exec.

See scrtlabs/SecretNetwork@866949a?diff=split#diff-fc708eba6ce617e52f528df7404127e6R77-R90

I don't know what you'd want to do with this PR or even if you want to support ubuntu != {16.04,18.04}.

Anyway I think the driver should make sure that /dev/sgx and /dev/isgx are mounted as exec.

@andyzyb
Copy link
Contributor

andyzyb commented Mar 24, 2020

I somewhat agree that it is better to leave this to driver. In some cases there is no AESM installed on the system, then user application needs to handle this?

@assafmo
Copy link
Author

assafmo commented Mar 24, 2020
edited
Loading

I don't think the user application needs to handle this, but the driver. I wouldn't want my apps to remount /dev on my system.
Though if not AESM then I think the driver should handle this.

@haitaohuang
Copy link
Contributor

This is discussed in LKML for upstreaming driver. It needs be a solution from driver

@andyzyb andyzyb mentioned this pull request Apr 22, 2020
Closed
@kaimast
Copy link

kaimast commented May 16, 2020

Thanks for posting the fix @assafmo!

@haitaohuang haitaohuang mentioned this pull request Jul 20, 2020
Open
@yuyuany yuyuany deleted the branch intel:master April 3, 2024 05:36
@yuyuany yuyuany closed this Apr 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@assafmo @andyzyb @haitaohuang @kaimast @yuyuany