Re: [PATCH v20 00/28] Intel SGX1 support

From: Sean Christopherson
Date: Mon Apr 22 2019 - 12:48:38 EST

Next message: Luck, Tony: "RE: [PATCH] RAS/CEC: Add debugfs switch to disable at run time"
Previous message: Linus Torvalds: "Re: WARNING in percpu_ref_kill_and_confirm"
In reply to: Dr. Greg: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Linus Torvalds: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Apr 22, 2019 at 11:24:11AM -0500, Dr. Greg wrote:
> On Mon, Apr 22, 2019 at 08:01:19AM -0700, Sean Christopherson wrote:
>
> Good morning to everyone, I hope the week is starting well.
>
> > On Sat, Apr 20, 2019 at 11:02:47AM -0500, Dr. Greg wrote:
> > > We understand and support the need for the LSM to trap these
> > > events, but what does LSM provenance mean if the platform is
> > > compromised? That is, technically, the target application for SGX
> > > technology.
>
> > No, it's not. Protecting the kernel/platform from a malicious
> > entity is outside the scope of SGX.
>
> You must have misinterpreted my statement, providing security
> guarantees in the face of a compromised platform is exactly what SGX
> was designed to do and is how Intel is marketing the technology.

Right, and loading a malicious enclave doesn't change those guarantees
(for other enclaves). Ergo, restricting which enclaves can execute is
orthogonal to the security provided by SGX.

Next message: Luck, Tony: "RE: [PATCH] RAS/CEC: Add debugfs switch to disable at run time"
Previous message: Linus Torvalds: "Re: WARNING in percpu_ref_kill_and_confirm"
In reply to: Dr. Greg: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Linus Torvalds: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]