| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 May 2016 03:50:14 -0500
From: "Dr. Greg Wettstein" <greg@...ellic.com>
To: Thomas Gleixner <tglx@...utronix.de>
Cc: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
"Austin S. Hemmelgarn" <ahferroin7@...il.com>,
Pavel Machek <pavel@....cz>, gregkh@...uxfoundation.org,
Andy Lutomirski <luto@...nel.org>,
Borislav Petkov <bp@...e.de>,
Boris Ostrovsky <boris.ostrovsky@...cle.com>,
"open list:STAGING SUBSYSTEM" <devel@...verdev.osuosl.org>,
Ingo Molnar <mingo@...nel.org>,
Kristen Carlson Accardi <kristen@...ux.intel.com>,
"open list:DOCUMENTATION" <linux-doc@...r.kernel.org>,
open list <linux-kernel@...r.kernel.org>,
Mathias Krause <minipli@...glemail.com>,
Wan Zongshun <Vincent.Wan@....com>
Subject: Re: [PATCH 0/6] Intel Secure Guard Extensions
On Mon, May 09, 2016 at 08:27:04AM +0200, Thomas Gleixner wrote:
Good morning.
> > On Fri, 6 May 2016, Jarkko Sakkinen wrote:
> > I fully understand if you (and others) want to keep this standpoint but
> > what if we could get it to staging after I've revised it with suggested
> >
> This should not go to staging at all. Either this is going to be a
> real useful driver or we just keep it out of tree.
> >
> > changes and internal changes in my TODO? Then it would not pollute the
> > mainline kernel but still would be easily available for experimentation.
> How are we supposed to experiment with that if there is no launch
> enclave for Linux available?
Build one in a simulator where an independent root enclave key can be
established. At least thats the approach we are working on with
Jarkko's patches.
Intel does have an instruction accurate simulator, Microsoft used it
for the work which was reported in the Haven paper. I believe the Air
Force academy used that simulator for their work on SGX as well.
As with other issues SGX related it is unclear why access to the
simulator was/is restricted. Given that Gen6 hardware is now emerging
there would seem to be even less reason to not have the simulator
generically available to allow implementations to be tested.
> Thanks,
>
> tglx
Have a good day.
As always,
Dr. G.W. Wettstein, Ph.D. Enjellic Systems Development, LLC.
4206 N. 19th Ave. Specializing in information infra-structure
Fargo, ND 58102 development.
PH: 701-281-1686
FAX: 701-281-3949 EMAIL: greg@...ellic.com
------------------------------------------------------------------------------
"Everything should be made as simple as possible, but not simpler."
-- Albert Einstein
Powered by blists - more mailing lists