Date: Tue, 26 Apr 2016 21:00:10 +0200
From: Pavel Machek
To: Jarkko Sakkinen
Cc: gregkh@linuxfoundation.org, Andy Lutomirski, Borislav Petkov, Boris Ostrovsky, "open list:STAGING SUBSYSTEM", Ingo Molnar, Kristen Carlson Accardi, "open list:DOCUMENTATION", open list, Mathias Krause, Thomas Gleixner, Wan Zongshun
Subject: Re: [PATCH 0/6] Intel Secure Guard Extensions
Message-ID: <20160426190009.GC8162@amd>
References: <1461605698-12385-1-git-send-email-jarkko.sakkinen@linux.intel.com>
In-Reply-To: <1461605698-12385-1-git-send-email-jarkko.sakkinen@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon 2016-04-25 20:34:07, Jarkko Sakkinen wrote:
> Intel(R) SGX is a set of CPU instructions that can be used by
> applications to set aside private regions of code and data. The code
> outside the enclave is disallowed to access the memory inside the
> enclave by the CPU access control.
>
> The firmware uses PRMRR registers to reserve an area of physical memory
> called Enclave Page Cache (EPC). There is a hardware unit in the
> processor called Memory Encryption Engine. The MEE encrypts and decrypts
> the EPC pages as they enter and leave the processor package.

What are non-evil use cases for this?

Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html