Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp4381380imm;
        Mon, 15 Oct 2018 13:55:15 -0700 (PDT)
X-Google-Smtp-Source: ACcGV60z7lJe6qrI/ag/O6Od/vBP5HX7LZjQt4ZL1chb5iIbcmVen1fQqhjYX01wOxmF4OaAknSw
X-Received: by 2002:a63:6b05:: with SMTP id g5-v6mr17647797pgc.344.1539636915636;
        Mon, 15 Oct 2018 13:55:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1539636915; cv=none;
        d=google.com; s=arc-20160816;
        b=wSHngMobavN4/9w7m5avgQDz/qeglybcetlsIqRRY4+eOASg4JjlZx9Zaz5eMq3Is/
         fAASRouDY3JsUSZ+hdhBiKuGQBd3uw3dDZi14NmcY88d9kkl7ymQ2VBX7VzNHqlrnQAP
         lhBG9livnm4PIWGRubqG9Q/+M00bLQBf8kjb8nXim78tPtSniTedlVeEMFnTGaVGW0Rw
         YXapLgGKRrHfE2ZWfV4SBAlN7+1uMocqLDW9ZPeDsXbwJpGvKMZ+sPxqB0BV3buLJtZQ
         /rnxXJqRXt1wqHn/otFPrny3aKmgRf6dvjcugl5IQcwQtUTQ/LRY6F/1MyuP0tDVfKaz
         PiAw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=KV2LDz3r73L+dHtMmHGaw5EZdLCjUko1/9iZA7+HbVA=;
        b=oQIIr9bzUUXig3K/9lmHEUAy/2ccZSfiDrluUut16gmZCxSpdfASlWlocAsGPNmWR/
         sHMV2cIxllTCseApZNI35/56lhxhKRItDdpjXZ3or05jQZRkakPeu+JZhqa0+A9iWLTQ
         +FAKGujaC3/RoCjWgNWBFe5dI1boX7nl7wwxj9Seb5KDZ9AFd1WegghXpuaeU4xtVb88
         t22ByxXRyLoy46Msth0x8hJGiH3gVQSP1iR6g9ctMnMqXEdVo1Dzt3PbJ6ge86VWyNCs
         p+nIRpCA9O8tZbwOS9xFA+BzqBcRY8aSUjRROMGgMStpkoctxS5QGlU5qLYXyUcv+mka
         KEqQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 8-v6si12047358pla.252.2018.10.15.13.54.59;
        Mon, 15 Oct 2018 13:55:15 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726917AbeJPEle (ORCPT
        <rfc822;paul.schmitz.hallo.parkuhr@gmail.com> + 99 others);
        Tue, 16 Oct 2018 00:41:34 -0400
Received: from atrey.karlin.mff.cuni.cz ([195.113.26.193]:54116 "EHLO
        atrey.karlin.mff.cuni.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726091AbeJPEle (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 16 Oct 2018 00:41:34 -0400
Received: by atrey.karlin.mff.cuni.cz (Postfix, from userid 512)
        id A906B80889; Mon, 15 Oct 2018 22:54:37 +0200 (CEST)
Date:   Mon, 15 Oct 2018 22:54:36 +0200
From:   Pavel Machek <pavel@ucw.cz>
To:     Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc:     x86@kernel.org, platform-driver-x86@vger.kernel.org,
        dave.hansen@intel.com, sean.j.christopherson@intel.com,
        nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com,
        shay.katz-zamir@intel.com, linux-sgx@vger.kernel.org,
        andriy.shevchenko@linux.intel.com,
        Jonathan Corbet <corbet@lwn.net>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        "open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
        open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v14 19/19] x86/sgx: Driver documentation
Message-ID: <20181015205436.GA28500@amd>
References: <20180925130845.9962-1-jarkko.sakkinen@linux.intel.com>
 <20180925130845.9962-20-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="XsQoSWH+UP9D9v3l"
Content-Disposition: inline
In-Reply-To: <20180925130845.9962-20-jarkko.sakkinen@linux.intel.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


--XsQoSWH+UP9D9v3l
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue 2018-09-25 16:06:56, Jarkko Sakkinen wrote:
> Documentation of the features of the Software Guard eXtensions used
> by the Linux kernel and basic design choices for the core and driver
> and functionality.
>=20
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

> --- /dev/null
> +++ b/Documentation/x86/intel_sgx.rst
> @@ -0,0 +1,185 @@
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> +Intel(R) SGX driver
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> +
> +Introduction
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> +
> +Intel(R) SGX is a set of CPU instructions that can be used by applicatio=
ns to
> +set aside private regions of code and data. The code outside the enclave=
 is
> +disallowed to access the memory inside the enclave by the CPU access con=
trol.
> +In a way you can think that SGX provides inverted sandbox. It protects t=
he
> +application from a malicious host.

Well, recently hardware had some problems keeping its
promises. So... what about rowhammer, meltdown and spectre?

Which ones apply, which ones do not, and on what cpu generations?

> +Overview of SGX
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> +
> +SGX has a set of data structures to maintain information about the encla=
ves and
> +their security properties. BIOS reserves a fixed size region of physical=
 memory
> +for these structures by setting Processor Reserved Memory Range Registers
> +(PRMRR).
> +
> +This memory range is protected from outside access by the CPU and all th=
e data
> +coming in and out of the CPU package is encrypted by a key that is gener=
ated for
> +each boot cycle.

Encryption, that sounds nice, but it is hard to do right. If SGX
protected code changes single bit in its memory, how many bits will be
changed in physical RAM?

Can we get security people to look at this and perhaps tells us what
properties it has?

Thanks,
									Pavel
--=20
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blo=
g.html

--XsQoSWH+UP9D9v3l
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlvE/owACgkQMOfwapXb+vI5JACeIS4TIY4nGCXYOUBBdtMzSfEh
JH4AoKFfu10QTC4CbpAC/REiWoJy7pLi
=Zkv5
-----END PGP SIGNATURE-----

--XsQoSWH+UP9D9v3l--