lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 9 Aug 2020 00:18:08 +0200
From:   Pavel Machek <pavel@....cz>
To:     "Dr. Greg" <greg@...ellic.com>
Cc:     Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>, x86@...nel.org,
        linux-sgx@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-doc@...r.kernel.org, Randy Dunlap <rdunlap@...radead.org>,
        Sean Christopherson <sean.j.christopherson@...el.com>,
        akpm@...ux-foundation.org, andriy.shevchenko@...ux.intel.com,
        asapek@...gle.com, bp@...en8.de, cedric.xing@...el.com,
        chenalexchen@...gle.com, conradparker@...gle.com,
        cyhanish@...gle.com, dave.hansen@...el.com, haitao.huang@...el.com,
        josh@...htriplett.org, kai.huang@...el.com, kai.svahn@...el.com,
        kmoy@...gle.com, ludloff@...gle.com, luto@...nel.org,
        nhorman@...hat.com, npmccallum@...hat.com, puiterwijk@...hat.com,
        rientjes@...gle.com, tglx@...utronix.de, yaozhangx@...gle.com
Subject: Re: [PATCH v36 23/24] docs: x86/sgx: Document SGX micro architecture
 and kernel internals

Hi!

> Good morning, I hope the week is progressing well for everyone.
> 
> > > CPUs starting from Icelake use Total Memory Encryption (TME) in
> > > the place of MEE. TME throws away the Merkle tree, which means
> > > losing integrity and anti-replay protection but also enables
> > > variable size memory pools for EPC.  Using this attack for
> > > benefit would require an interposer on the system bus.
> 
> > It is not exactly clear what "this attack" means.
> 
> In the new world that is SGX, 'this attack', roughly means that
> enclaves are susceptible to the same security threats that would be
> faced if you were running TLS/HTTPS or SSH without packet checksums
> and replay avoidance/detection mechanisms in place.

Umm, ssh w/o checksums would be rather dangerous, no? As in... if I can guess what you
are typing, I can make you type something else.

Anyway, it would be nice to somehow fix the document. It talks about "this attack"
without talking about any attack before, which is bad style.

Best regards,
									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Powered by blists - more mailing lists