Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp1711636imm; Thu, 18 Oct 2018 02:58:13 -0700 (PDT) X-Google-Smtp-Source: ACcGV62IJXrDRzUw/tFYh9JuW7Jq/f67hoDrPIyEmFduXhrTGLck7XwiZZi7pipOTwlchMhWJ7zS X-Received: by 2002:a65:6295:: with SMTP id f21-v6mr28164862pgv.167.1539856693296; Thu, 18 Oct 2018 02:58:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539856693; cv=none; d=google.com; s=arc-20160816; b=Sbppfj/Tvn2hwJI9gJuAYShGvbkcHGf05nb9Bt1ms56Bo8e9762W1MlO15+/uQggdA 1CpVZgjPVTjSHacTHcQWfqIXL5xt1liBcltU73opBkmhuXlq2t4fi3Qey/NC6V/CfBxN AbKs/r3vJwlnNccLzMA7OeNG/QlG3G0Mt37+31KtXFdU9yl4ZrotvOmqGgXr0dA8Qyor yGAbH9yLmyFIv2zNB5YcNcYK8r0o07HJj2RH/TSlvcffB/pt/iGYmqUhmKirTrKm9sSM xEM99IF6H21nGDzfUOJ3lVtAiW6jJpZ/8npOyu+9ksGDhvxeqz0ZLLKqe7M7oSS1DxPO o6dA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=cOLhDMi2Y7is4Z6aVNtdpN3N/UdYMM9QbQf99Xgehgg=; b=IzlDuujTxCpou6yXL+qnXzm4Y2ro02mCm76vMr6SvsrG53CBZA8s9QYk/kCVLRXfsp 17Flk9Wg3y8NVGNAiDQxTH/3SwHsSAsGG6GAp9X4tnzLkFK2J+waw8gXtk10n5YoxZur oIWn5KGoT52re/I9YkLPUyIzjEwrlHzs+0ELZRTUzIkTBp4u+aTDUdG62AH3kmXzpGLC 8YEUS8fEDOqVB6I3/3BhSnF4R62rJT+Orlhlg6Lxz4tYerhWtKdubNK1KP7MQ+hbYNEe ui4a9kn9enMbNM8HG0pXpaWCFC99oCJl5uF1IYbHSk70RE8klUnn1C6srSRNEdrwiTAi iPIg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h3-v6si21269146plh.124.2018.10.18.02.57.57; Thu, 18 Oct 2018 02:58:13 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728110AbeJRR5p (ORCPT + 99 others); Thu, 18 Oct 2018 13:57:45 -0400 Received: from atrey.karlin.mff.cuni.cz ([195.113.26.193]:37043 "EHLO atrey.karlin.mff.cuni.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728071AbeJRR5o (ORCPT ); Thu, 18 Oct 2018 13:57:44 -0400 Received: by atrey.karlin.mff.cuni.cz (Postfix, from userid 512) id B2C0B808CC; Thu, 18 Oct 2018 11:57:26 +0200 (CEST) Date: Thu, 18 Oct 2018 11:57:27 +0200 From: Pavel Machek To: Jarkko Sakkinen Cc: x86@kernel.org, platform-driver-x86@vger.kernel.org, dave.hansen@intel.com, sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com, shay.katz-zamir@intel.com, linux-sgx@vger.kernel.org, andriy.shevchenko@linux.intel.com, Jonathan Corbet , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , "open list:DOCUMENTATION" , open list Subject: Re: [PATCH v14 19/19] x86/sgx: Driver documentation Message-ID: <20181018095727.GC10861@amd> References: <20180925130845.9962-1-jarkko.sakkinen@linux.intel.com> <20180925130845.9962-20-jarkko.sakkinen@linux.intel.com> <20181015205436.GA28500@amd> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="6zdv2QT/q3FMhpsV" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --6zdv2QT/q3FMhpsV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu 2018-10-18 02:45:27, Jarkko Sakkinen wrote: > On Mon, 15 Oct 2018, Pavel Machek wrote: > >On Tue 2018-09-25 16:06:56, Jarkko Sakkinen wrote: > >>+Intel(R) SGX is a set of CPU instructions that can be used by applicat= ions to > >>+set aside private regions of code and data. The code outside the encla= ve is > >>+disallowed to access the memory inside the enclave by the CPU access c= ontrol. > >>+In a way you can think that SGX provides inverted sandbox. It protects= the > >>+application from a malicious host. > > > >Well, recently hardware had some problems keeping its > >promises. So... what about rowhammer, meltdown and spectre? >=20 > Doesn't hardware always have this problem over time? No, not really. In this case, tries to protect from hardware "attacks" done by machine owner. That job is theoretically impossible, so you have harder situation than most.. > >Which ones apply, which ones do not, and on what cpu generations? >=20 > Definitely should be refined. >=20 > Meltdowns approach AFAIK does not work because reads outside the enclave > will always have a predefined value (-1) but only if the page is present, > which was later exploited in the Foreshadow attack. What about L1tf and https://github.com/lsds/spectre-attack-sgx ? Pavel --=20 (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blo= g.html --6zdv2QT/q3FMhpsV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlvIWQcACgkQMOfwapXb+vIbCwCgw3wWxvBiMbEy5TVWTbYyQmif TjkAniEwkld7XGcUBTl90sv+3trigWg1 =YAi6 -----END PGP SIGNATURE----- --6zdv2QT/q3FMhpsV--