On 10/15/2018 01:54 PM, Pavel Machek wrote: >> +Intel(R) SGX is a set of CPU instructions that can be used by applications >> to >> +set aside private regions of code and data. The code outside the enclave is >> +disallowed to access the memory inside the enclave by the CPU access >> control. >> +In a way you can think that SGX provides inverted sandbox. It protects the >> +application from a malicious host. > Well, recently hardware had some problems keeping its > promises. So... what about rowhammer, meltdown and spectre?
There's a ton of documentation out there about what kinds of protections SGX provides. I don't think this is an appropriate place to have an exhaustive discussion about it. But, there's extensive discussion of it on Intel's security site: https://software.intel.com/security-software-guidance/ There's documentation on how L1TF affects SGX here: https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault Or Spectre v2 here: https://software.intel.com/security-software-guidance/software-guidance/bounds-check-bypass > Which ones apply, which ones do not, and on what cpu generations? The CVEs list this in pretty exhaustive detail. The L1TF/SGX one, for example: https://nvd.nist.gov/vuln/detail/CVE-2018-3615 Lists a bunch of processor models.
