On Thu, Feb 08, 2018 at 09:46:53AM +0100, Pavel Machek wrote:
> On Tue 2018-01-09 16:27:30, Jarkko Sakkinen wrote:
> > On Thu, Jan 04, 2018 at 03:17:24PM +0100, Cedric Blancher wrote:
> > > So how does this protect against the MELTDOWN attack (CVE-2017-5754)
> > > and the MELTATOMBOMBA4 worm which
On Tue 2018-01-09 16:27:30, Jarkko Sakkinen wrote:
> On Thu, Jan 04, 2018 at 03:17:24PM +0100, Cedric Blancher wrote:
> > So how does this protect against the MELTDOWN attack (CVE-2017-5754)
> > and the MELTATOMBOMBA4 worm which uses this exploit?
> >
> > Ced
>
> Everything going out of L1 gets e
On Tue, Jan 09, 2018 at 03:50:23PM -0600, Dr. Greg Wettstein wrote:
> > Everything going out of L1 gets encrypted. This is done to defend
> > against peripheral like adversaries and should work also against
> > meltdown.
>
> I don't believe this is an architecturally correct assertion. The
> encr
On Jan 9, 4:25pm, Jarkko Sakkinen wrote:
} Subject: Re: [PATCH v6 00/11] Intel SGX Driver
Good afternoon I hope the week is going well for everyone.
In order to minimize spamming mailboxes with two mails I'm
incorporating a reply to Jarkko's second e-mail on the Memory
Encryption En
On Thu, Jan 04, 2018 at 03:17:24PM +0100, Cedric Blancher wrote:
> So how does this protect against the MELTDOWN attack (CVE-2017-5754)
> and the MELTATOMBOMBA4 worm which uses this exploit?
>
> Ced
Everything going out of L1 gets encrypted. This is done to defend
against peripheral like adversar
On Thu, Jan 04, 2018 at 03:06:43AM -0600, Dr. Greg Wettstein wrote:
> If we are talking about the issues motivating the KPTI work I don't
> have any useful information beyond what is raging through the industry
> right now.
>
> With respect to SGX, the issues giving rise to KPTI are characteristic
On Jan 4, 3:27pm, Greg Kroah-Hartman wrote:
} Subject: Re: [PATCH v6 00/11] Intel SGX Driver
Wild day, enjoyed by all I'm sure.
> On Thu, Jan 04, 2018 at 03:17:24PM +0100, Cedric Blancher wrote:
> > So how does this protect against the MELTDOWN attack (CVE-2017-5754)
> > an
On Thu, 2018-01-04 at 15:17 +0100, Cedric Blancher wrote:
> So how does this protect against the MELTDOWN attack (CVE-2017-5754)
> and the MELTATOMBOMBA4 worm which uses this exploit?
Actually, a data exfiltration attack against SGX, using page tables has
already been documented:
https://www.usen
On Thu, Jan 04, 2018 at 03:17:24PM +0100, Cedric Blancher wrote:
> So how does this protect against the MELTDOWN attack (CVE-2017-5754)
> and the MELTATOMBOMBA4 worm which uses this exploit?
It has nothing to do with it at all, sorry.
greg k-h
So how does this protect against the MELTDOWN attack (CVE-2017-5754)
and the MELTATOMBOMBA4 worm which uses this exploit?
Ced
On 25 November 2017 at 20:29, Jarkko Sakkinen
wrote:
> Intel(R) SGX is a set of CPU instructions that can be used by applications to
> set aside private regions of code a
On Jan 3, 10:48am, Pavel Machek wrote:
} Subject: Re: [PATCH v6 00/11] Intel SGX Driver
> Hi!
Good morning.
> :-). Stuff proceeds as usual. Too bad it is raining outside, instead
> of snowing.
-19C here, so we have snow... :-)
> > > So ... even with SGX, host can genera
Hi!
> Good evening Pavel et.al., I hope the New Year has started well for
> everyone.
:-). Stuff proceeds as usual. Too bad it is raining outside, instead
of snowing.
> > > > Would you list guarantees provided by SGX?
> > >
> > > Obviously, confidentiality and integrity. SGX was designed to add
On Dec 27, 9:46pm, Pavel Machek wrote:
} Subject: Re: [PATCH v6 00/11] Intel SGX Driver
> Hi!
Good evening Pavel et.al., I hope the New Year has started well for
everyone.
> > > Would you list guarantees provided by SGX?
> >
> > Obviously, confidentiality and integri
Hi!
> > Would you list guarantees provided by SGX?
>
> Obviously, confidentiality and integrity. SGX was designed to address
> an Iago threat model, a very difficult challenge to address in
> reality.
Do you have link on "Iago threat model"?
> I don't have the citation immediately available, b
On Dec 12, 3:07pm, Pavel Machek wrote:
} Subject: Re: [PATCH v6 00/11] Intel SGX Driver
Good morning, I hope this note finds the holiday season going well for
everyone. This note is a bit delayed due to the holidays, my
apologies.
Pretty wide swath on this e-mail but will include the copy list
On Wed, Dec 20, 2017 at 01:33:46AM +0200, Jarkko Sakkinen wrote:
> On Tue, 2017-12-12 at 15:07 +0100, Pavel Machek wrote:
> > On Sat 2017-11-25 21:29:17, Jarkko Sakkinen wrote:
> > > Intel(R) SGX is a set of CPU instructions that can be used by
> > > applications to
> > > set aside private regions
On Tue, 2017-12-12 at 15:07 +0100, Pavel Machek wrote:
> On Sat 2017-11-25 21:29:17, Jarkko Sakkinen wrote:
> > Intel(R) SGX is a set of CPU instructions that can be used by applications
> > to
> > set aside private regions of code and data. The code outside the enclave is
> > disallowed to access
On Tue, Dec 12, 2017 at 03:07:50PM +0100, Pavel Machek wrote:
> On Sat 2017-11-25 21:29:17, Jarkko Sakkinen wrote:
> > Intel(R) SGX is a set of CPU instructions that can be used by applications
> > to
> > set aside private regions of code and data. The code outside the enclave is
> > disallowed to
On Sat 2017-11-25 21:29:17, Jarkko Sakkinen wrote:
> Intel(R) SGX is a set of CPU instructions that can be used by applications to
> set aside private regions of code and data. The code outside the enclave is
> disallowed to access the memory inside the enclave by the CPU access control.
> In a way
Intel(R) SGX is a set of CPU instructions that can be used by applications to
set aside private regions of code and data. The code outside the enclave is
disallowed to access the memory inside the enclave by the CPU access control.
In a way you can think that SGX provides inverted sandbox. It prote
20 matches
Mail list logo