On Mon, Apr 22, 2019 at 11:24:11AM -0500, Dr. Greg wrote: > On Mon, Apr 22, 2019 at 08:01:19AM -0700, Sean Christopherson wrote: > > Good morning to everyone, I hope the week is starting well. > > > On Sat, Apr 20, 2019 at 11:02:47AM -0500, Dr. Greg wrote: > > > We understand and support the need for the LSM to trap these > > > events, but what does LSM provenance mean if the platform is > > > compromised? That is, technically, the target application for SGX > > > technology. > > > No, it's not. Protecting the kernel/platform from a malicious > > entity is outside the scope of SGX. > > You must have misinterpreted my statement, providing security > guarantees in the face of a compromised platform is exactly what SGX > was designed to do and is how Intel is marketing the technology.
Right, and loading a malicious enclave doesn't change those guarantees (for other enclaves). Ergo, restricting which enclaves can execute is orthogonal to the security provided by SGX.
