Re: [PATCH v17 18/23] platform/x86: Intel SGX driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
From: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
Date: Tue, 27 Nov 2018 08:46:38 -0800
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, X86 ML <x86@xxxxxxxxxx>, Platform Driver <platform-driver-x86@xxxxxxxxxxxxxxx>, linux-sgx@xxxxxxxxxxxxxxx, Dave Hansen <dave.hansen@xxxxxxxxx>, "Christopherson, Sean J" <sean.j.christopherson@xxxxxxxxx>, nhorman@xxxxxxxxxx, npmccallum@xxxxxxxxxx, "Ayoun, Serge" <serge.ayoun@xxxxxxxxx>, shay.katz-zamir@xxxxxxxxx, haitao.huang@xxxxxxxxxxxxxxx, Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, "Svahn, Kai" <kai.svahn@xxxxxxxxx>, mark.shanahan@xxxxxxxxx, Suresh Siddha <suresh.b.siddha@xxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Darren Hart <dvhart@xxxxxxxxxxxxx>, Andy Shevchenko <andy@xxxxxxxxxxxxx>, LKML <linux-kernel@xxxxxxxxxxxxxxx>
In-reply-to: <20181127085533.GA12247@wind.enjellic.com>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
References: <CALCETrX+A4XaEMq3fJqmHUeeDHr_BdWh-Wk3ikXfY=L77BbaGA@mail.gmail.com> <20181120120442.GA22172@linux.intel.com> <20181122111253.GA31150@wind.enjellic.com> <CALCETrWJr-C6yK8NBCp=NbapwHOaBFphiDU9VKEtQ0NMRrdC2g@mail.gmail.com> <20181124172114.GB32210@linux.intel.com> <20181125145329.GA5777@linux.intel.com> <0669C300-02CB-4EA6-BF88-5C4B4DDAD4C7@amacapital.net> <20181126215145.GC868@linux.intel.com> <20181126230436.GA6737@linux.intel.com> <20181127085533.GA12247@wind.enjellic.com>
User-agent: Mutt/1.10.1 (2018-07-13)

On Tue, Nov 27, 2018 at 02:55:33AM -0600, Dr. Greg wrote:
> 3.) Enclaves with the SGX_FLAGS_LICENSE_KEY attribute set - i.e., 'Launch
> Enclaves'.

Kernel does not have to manage this. If the MSRs are read-only, they
should match your LE. If the MSRs writable, you don't need an LE.

This whole scheme sounds like adding own SELinux for SGX and it is
only words. No code available.

/Jarkko

References:
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Andy Lutomirski
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Jarkko Sakkinen
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Dr. Greg
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Andy Lutomirski
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Jarkko Sakkinen
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Jarkko Sakkinen
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Andy Lutomirski
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Jarkko Sakkinen
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Jarkko Sakkinen
- Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
  - From: Dr. Greg

Prev by Date: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Next by Date: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Previous by thread: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Next by thread: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Index(es):
- Date
- Thread

[Index of Archives] [Linux Kernel Development] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI]