Re: [PATCH v14 19/19] x86/sgx: Driver documentation

From: Jarkko Sakkinen
Date: Fri Oct 19 2018 - 20:00:08 EST

Next message: David Miller: "Re: [PATCH v3 net-next 0/2] Add support for Microchip Technology KSZ9131 10/100/1000 Ethernet PHY"
Previous message: Randy Dunlap: "[PATCH] Documentation: dynamic_debug: fix a couple of typos"
In reply to: Pavel Machek: "Re: [PATCH v14 19/19] x86/sgx: Driver documentation"
Next in thread: Dave Hansen: "Re: [PATCH v14 19/19] x86/sgx: Driver documentation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 18 Oct 2018, Pavel Machek wrote:

Definitely should be refined.

Meltdowns approach AFAIK does not work because reads outside the enclave
will always have a predefined value (-1) but only if the page is present,
which was later exploited in the Foreshadow attack.

What about L1tf and https://github.com/lsds/spectre-attack-sgx ?

L1TF is the vuln and Foreshadow is the attack taking advantage of the
vuln. I didn't mean to patch the documention in my response or give
extensive list of the vulns if you expected that.

For kernel documentation it does make sense to give a threat model
but not enumerate every possible vuln.

/Jarkko

Next message: David Miller: "Re: [PATCH v3 net-next 0/2] Add support for Microchip Technology KSZ9131 10/100/1000 Ethernet PHY"
Previous message: Randy Dunlap: "[PATCH] Documentation: dynamic_debug: fix a couple of typos"
In reply to: Pavel Machek: "Re: [PATCH v14 19/19] x86/sgx: Driver documentation"
Next in thread: Dave Hansen: "Re: [PATCH v14 19/19] x86/sgx: Driver documentation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]