lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <op.0zmwm1ogwjvjmi@arkane-mobl1.gar.corp.intel.com>
Date:   Tue, 02 Mar 2021 09:48:56 -0600
From:   "Haitao Huang" <haitao.huang@...ux.intel.com>
To:     "Borislav Petkov" <bp@...en8.de>, "Kai Huang" <kai.huang@...el.com>
Cc:     kvm@...r.kernel.org, x86@...nel.org, linux-sgx@...r.kernel.org,
        linux-kernel@...r.kernel.org, seanjc@...gle.com, jarkko@...nel.org,
        luto@...nel.org, dave.hansen@...el.com, rick.p.edgecombe@...el.com,
        haitao.huang@...el.com, pbonzini@...hat.com, tglx@...utronix.de,
        mingo@...hat.com, hpa@...or.com
Subject: Re: [PATCH 02/25] x86/cpufeatures: Add SGX1 and SGX2 sub-features

On Mon, 01 Mar 2021 05:43:06 -0600, Kai Huang <kai.huang@...el.com> wrote:

> On Mon, 2021-03-01 at 12:32 +0100, Borislav Petkov wrote:
>> On Tue, Mar 02, 2021 at 12:28:27AM +1300, Kai Huang wrote:
>> > I think some script can utilize /proc/cpuinfo. For instance, admin  
>> can have
>> > automation tool/script to deploy enclave (with sgx2) apps, and that  
>> script can check
>> > whether platform supports sgx2 or not, before it can deploy those  
>> enclave apps. Or
>> > enclave author may just want to check /proc/cpuinfo to know whether  
>> the machine can
>> > be used for testing sgx2 enclave or not.
>>
>> This doesn't sound like a concrete use of this. So you can hide it
>> initially with "" until you guys have a use case. Exposing it later is
>> always easy vs exposing it now and then not being able to change it
>> anymore.
>>
>
> Hi Haitao, Jarkko,
>
> Do you have more concrete use case of needing "sgx2" in /proc/cpuinfo?
>

I don't have specific use cases so far. But I think users would expect all  
sub-features supported by the cpu in /proc/cpuinfo. And it is a more  
convenient and readily available tool than cpuid for verifying sgx2  
enabled in HW. So it'd be just nice for cpuinfo to be consistent with  
cpuid output.

Thanks
Haitao

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ