On Thu, 2018-12-06 at 00:51 -0800, Jarkko Sakkinen wrote:
> On Mon, 2018-12-03 at 23:39 -0800, Alison Schofield wrote:
> > MKTME (Multi-Key Total Memory Encryption) is a technology that allows
> > transparent memory encryption in upcoming Intel platforms. MKTME will
> > support multiple encryption domains, each having their own key. The main
> > use case for the feature is virtual machine isolation. The API needs the
> > flexibility to work for a wide range of uses.
>
> Some, maybe brutal, honesty (apologies)...
>
> Have never really got the grip why either SME or TME would make
> isolation any better. If you can break into hypervisor, you'll
> have these tools available:
>
> 1. Read page (in encrypted form).
> 2. Write page (for example replay as pages are not versioned).
>
> with all the side-channel possibilities of course since you can
> control the VMs (in which core they execute etc.).
>
> I've seen now SME presentation three times and it always leaves
> me an empty feeling. This feels the same.

I.e. need to tell very explicitly the scenario where this will help. Not
saying that this should resolve everything but it must resolve something.

/Jarkko