Re: [PATCH v12 00/18] Enable FSGSBASE instructions

From: Thomas Gleixner
Date: Mon May 18 2020 - 05:51:16 EST

Next message: Rafael J. Wysocki: "Re: [PATCH v2 20/20] cpufreq: Return zero on success in boost sw setting"
Previous message: Petr Mladek: "Re: [PATCH V2] dynamic_debug: Add an option to enable dynamic debug for modules only"
In reply to: Sasha Levin: "Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Next in thread: Sasha Levin: "Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sasha Levin <sashal@xxxxxxxxxx> writes:
> On Fri, May 15, 2020 at 12:24:14PM +0300, Jarkko Sakkinen wrote:
>>
>>Can you put me to the CC-loop for this patches. Some SGX-enabled
>>frameworks such as Graphene use out-of-tree changes to achieve this.
>>That's where the interest to possibly test this comes from.
>
> Indeed, we've seen a few hacks that basically just enable FSGSBASE:
>
> - https://github.com/oscarlab/graphene-sgx-driver
> - https://github.com/occlum/enable_rdfsbase

I'm really amazed by all these security experts enabling a full root
hole. It clearly puts the SGX hypocrisy into perspective.

Thanks,

tglx

Next message: Rafael J. Wysocki: "Re: [PATCH v2 20/20] cpufreq: Return zero on success in boost sw setting"
Previous message: Petr Mladek: "Re: [PATCH V2] dynamic_debug: Add an option to enable dynamic debug for modules only"
In reply to: Sasha Levin: "Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Next in thread: Sasha Levin: "Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]