Re: [PATCH v17 18/23] platform/x86: Intel SGX driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
From: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
Date: Sat, 24 Nov 2018 08:15:21 -0800
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>, X86 ML <x86@xxxxxxxxxx>, Platform Driver <platform-driver-x86@xxxxxxxxxxxxxxx>, linux-sgx@xxxxxxxxxxxxxxx, Dave Hansen <dave.hansen@xxxxxxxxx>, "Christopherson, Sean J" <sean.j.christopherson@xxxxxxxxx>, nhorman@xxxxxxxxxx, npmccallum@xxxxxxxxxx, "Ayoun, Serge" <serge.ayoun@xxxxxxxxx>, shay.katz-zamir@xxxxxxxxx, haitao.huang@xxxxxxxxxxxxxxx, Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, "Svahn, Kai" <kai.svahn@xxxxxxxxx>, mark.shanahan@xxxxxxxxx, Suresh Siddha <suresh.b.siddha@xxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Darren Hart <dvhart@xxxxxxxxxxxxx>, andy@xxxxxxxxxxxxx, LKML <linux-kernel@xxxxxxxxxxxxxxx>
In-reply-to: <20181120111508.GA26127@wind.enjellic.com>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
References: <20181116010412.23967-1-jarkko.sakkinen@linux.intel.com> <20181116010412.23967-19-jarkko.sakkinen@linux.intel.com> <CALCETrXctxfED1Dr-MuZxFnh5gzTyRL06hRJ_fQnNA8p2S4xEQ@mail.gmail.com> <20181120111508.GA26127@wind.enjellic.com>
User-agent: Mutt/1.10.1 (2018-07-13)

On Tue, Nov 20, 2018 at 05:15:08AM -0600, Dr. Greg wrote:
> Malware would not necessarily need the Intel attestation service.
> Once access to the PROVISION bit is available, malware teams could
> simply build their own attestation service.

AFAIK not possible as they wouldn't have access to the root provisioning
key. Can be confirmed from the SDM's key derivation table (41-56).

/Jarkko

Follow-Ups:
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Dr. Greg

References:
- [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Jarkko Sakkinen
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Andy Lutomirski
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Dr. Greg

Prev by Date: Re: [PATCH v17 06/23] x86/cpu/intel: Detect SGX support and update caps appropriately
Next by Date: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Previous by thread: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Next by thread: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Index(es):
- Date
- Thread

[Index of Archives] [Linux Kernel Development] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI]