Hi Andi,
On 2021-03-09 20:14, Andi Kleen wrote:
The disk encryption is just one example and there might be others
which
we might not be aware of yet and we are not suspecting there is
something
wrong with the crypto code that needs to be fixed.
Then you don't have any leaks relating to
> The disk encryption is just one example and there might be others which
> we might not be aware of yet and we are not suspecting there is something
> wrong with the crypto code that needs to be fixed.
Then you don't have any leaks relating to branch tracing.
> restrict an external(in the sense
Hi Andi,
On 2021-03-05 01:47, Andi Kleen wrote:
> Andi Kleen writes:
>>
>> Normally disk encryption is in specialized work queues. It's total
>> overkill to restrict all of the kernel if you just want to restrict
>> those work queues.
>>
>> I would suggest some more analysis where secrets are
Andi Kleen writes:
>
> Normally disk encryption is in specialized work queues. It's total
> overkill to restrict all of the kernel if you just want to restrict
> those work queues.
>
> I would suggest some more analysis where secrets are actually stored
> and handled first.
Also thinking about
Sai Prakash Ranjan writes:
>
> "Consider a system where disk contents are encrypted and the encryption
> key is set up by the user when mounting the file system. From that point
> on the encryption key resides in the kernel. It seems reasonable to
> expect that the disk encryption key be
Hardware assisted tracing families such as ARM Coresight, Intel PT
provides rich tracing capabilities including instruction level
tracing and accurate timestamps which are very useful for profiling
and also pose a significant security risk. One such example of
security risk is when kernel mode
6 matches
Mail list logo