Open Source and information security mailing list archives
Date:   Mon, 22 Apr 2019 11:24:11 -0500
From:   "Dr. Greg" <greg@...ellic.com>
To:     Sean Christopherson <sean.j.christopherson@...el.com>
Cc:     "Dr. Greg" <greg@...ellic.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Jethro Beekman <jethro@...tanix.com>,
        Andy Lutomirski <luto@...capital.net>,
        Andy Lutomirski <luto@...nel.org>,
        Dave Hansen <dave.hansen@...el.com>,
        Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        LKML <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>,
        "linux-sgx@...r.kernel.org" <linux-sgx@...r.kernel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        "nhorman@...hat.com" <nhorman@...hat.com>,
        "npmccallum@...hat.com" <npmccallum@...hat.com>,
        "Ayoun, Serge" <serge.ayoun@...el.com>,
        "Katz-zamir, Shay" <shay.katz-zamir@...el.com>,
        "Huang, Haitao" <haitao.huang@...el.com>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        "Svahn, Kai" <kai.svahn@...el.com>, Borislav Petkov <bp@...en8.de>,
        Josh Triplett <josh@...htriplett.org>,
        "Huang, Kai" <kai.huang@...el.com>,
        David Rientjes <rientjes@...gle.com>
Subject: Re: [PATCH v20 00/28] Intel SGX1 support

On Mon, Apr 22, 2019 at 08:01:19AM -0700, Sean Christopherson wrote:

Good morning to everyone, I hope the week is starting well.

> On Sat, Apr 20, 2019 at 11:02:47AM -0500, Dr. Greg wrote:
> > We understand and support the need for the LSM to trap these
> > events, but what does LSM provenance mean if the platform is
> > compromised?  That is, technically, the target application for SGX
> > technology.

> No, it's not.  Protecting the kernel/platform from a malicious
> entity is outside the scope of SGX.

You must have misinterpreted my statement; providing security
guarantees in the face of a compromised platform is exactly what SGX
was designed to do and is how Intel is marketing the technology.

From the first paragraph (Introduction) in the following document:

https://software.intel.com/sites/default/files/managed/50/8c/Intel-SGX-Product-Brief.pdf

"Intel Software Guard Extensions (Intel SGX) protects selected code
and data from disclosure or modification.  Developers can partition
their application into CPU hardened 'enclaves' or protected areas of
execution that increase security even on compromised platforms".

In addition, one of the major use cases for this technology is the
ability to push data and application code up onto cloud platforms with
a guarantee that not even the platform owner or administrators can
compromise the integrity or confidentiality of the code and data.

As I've noted before, from an OS driver perspective, security and
privacy models which are dependent on an uncompromised platform and
user privileges are inconsistent with the SGX security architecture.
Doing SGX right is about applying cryptographically defined provenance
and integrity models.

Our autonomous introspection technology uses SGX to protect the
platform at large but we are unique with respect to how the technology
is being applied.

Have a good day.

Dr. Greg

As always,
Dr. G.W. Wettstein, Ph.D.   Enjellic Systems Development, LLC.
4206 N. 19th Ave.           Specializing in information infra-structure
Fargo, ND  58102            development.
PH: 701-281-1686
FAX: 701-281-3949           EMAIL: greg@...ellic.com
------------------------------------------------------------------------------
"You and Uncle Pete drank the whole thing?  That was a $250.00 bottle
 of whisky.

 Yeah, it was good."
                                -- Rick Engen
                                   Resurrection.
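The message above contrasts a provenance model that trusts the platform (file
ownership, path, user privileges, which a compromised root can forge) with a
"cryptographically defined" model (a signed measurement of the enclave code,
which a compromised root cannot forge without the signing key). The following
is an added illustration of that distinction, written for this archive page; it
is not code from the poster, from Intel, or from the kernel SGX driver, and the
signed-SHA-256 "measurement" and signer-key hash are simplified stand-ins for
SGX's real enclave measurement and signature structure, not the actual format.
The RSA key is a deliberately toy one (textbook RSA over two Mersenne primes,
so trivially factorable) chosen only so the example runs with the standard
library; the enclave image bytes and the file metadata are constructed.

```python
"""Platform-trust provenance vs. cryptographic provenance (added illustration).

Toy model only: textbook RSA with Mersenne primes and a raw SHA-256 "measurement"
stand in for a real enclave signing scheme. Do not reuse the key material.
"""
import hashlib

# --- constructed toy signing key (assumption: NOT a real or secure key) -------
P = (1 << 521) - 1          # Mersenne prime M521
Q = (1 << 607) - 1          # Mersenne prime M607
N = P * Q                   # ~1128-bit modulus, comfortably larger than a SHA-256 value
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # gcd(E, phi) == 1 for these primes


def measure(code: bytes) -> bytes:
    """Stand-in for an enclave measurement: hash of the enclave image bytes."""
    return hashlib.sha256(code).digest()


def signer_id(modulus: int = N) -> bytes:
    """Stand-in for a signer identity derived from the signing public key."""
    return hashlib.sha256(modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")).digest()


def sign_measurement(code: bytes) -> int:
    """Holder of D signs the measurement (textbook RSA, no padding: toy only)."""
    m = int.from_bytes(measure(code), "big")
    return pow(m, D, N)


def verify_measurement(code: bytes, sig: int, modulus: int = N, e: int = E) -> bool:
    """Anyone with the public key checks that sig covers this exact image."""
    return pow(sig, e, modulus) == int.from_bytes(measure(code), "big")


# --- model 1: provenance that trusts the platform ------------------------------
def platform_policy(meta: dict) -> bool:
    """Accept an enclave image because of who owns it and where it lives.
    A compromised root can satisfy both conditions for any file it likes."""
    return meta["uid"] == 0 and meta["path"].startswith("/usr/lib/enclaves/")


# --- model 2: provenance defined cryptographically ----------------------------
def crypto_policy(code: bytes, sig: int, allowed_measurements: set,
                  expected_signer: bytes) -> bool:
    """Accept only if (a) the signature verifies under the expected signer key and
    (b) the measurement itself is on the allow list. Neither depends on the
    integrity of the filesystem, root, or the administrator."""
    return (signer_id() == expected_signer
            and verify_measurement(code, sig)
            and measure(code) in allowed_measurements)


# --- constructed inputs ----------------------------------------------------------
LEGIT = b"ENCLAVE-IMAGE:constructed-sample-bytes:v1"
TAMPERED = LEGIT.replace(b"v1", b"v2")      # attacker-modified copy, same name and owner
META = {"path": "/usr/lib/enclaves/app.signed.so", "uid": 0}


def scenario() -> dict:
    """Run both policies against a legitimate image and a root-planted tampered one."""
    sig = sign_measurement(LEGIT)            # produced once by the legitimate signer
    allowed = {measure(LEGIT)}
    signer = signer_id()
    return {
        # same path/uid for both files, so the platform model cannot tell them apart
        "platform_accepts_legit": platform_policy(META),
        "platform_accepts_tampered": platform_policy(META),
        "crypto_accepts_legit": crypto_policy(LEGIT, sig, allowed, signer),
        # signature no longer matches the tampered measurement
        "crypto_accepts_tampered": crypto_policy(TAMPERED, sig, allowed, signer),
        # even a fresh signature from the real key fails the allow list
        "crypto_accepts_resigned_tampered": crypto_policy(
            TAMPERED, sign_measurement(TAMPERED), allowed, signer),
    }


if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name}: {ok}")
```

The point the example makes is the one the message argues: the platform model
returns the same answer for the legitimate and tampered images because the only
inputs it has are attributes a compromised platform controls, while the
cryptographic model rejects the tampered image whether or not root is trusted.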
