Re: [PATCH v20 00/28] Intel SGX1 support

From: Sean Christopherson
Date: Mon Apr 22 2019 - 11:01:22 EST

Next message: Hou Tao: "Re: [PATCH] dcache: ensure d_flags & d_inode are consistent in lookup_fast()"
Previous message: Zhenliang Wei: "[PATCH v3] signal: trace_signal_deliver when signal_group_exit"
In reply to: Dr. Greg: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Dr. Greg: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Apr 20, 2019 at 11:02:47AM -0500, Dr. Greg wrote:
> We understand and support the need for the LSM to trap these events,
> but what does LSM provenance mean if the platform is compromised?
> That is, technically, the target application for SGX technology.

No, it's not. Protecting the kernel/platform from a malicious entity is
outside the scope of SGX.

Next message: Hou Tao: "Re: [PATCH] dcache: ensure d_flags & d_inode are consistent in lookup_fast()"
Previous message: Zhenliang Wei: "[PATCH v3] signal: trace_signal_deliver when signal_group_exit"
In reply to: Dr. Greg: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Dr. Greg: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]