On 2019-07-14 07:36, Jarkko Sakkinen wrote:
On Sat, Jul 13, 2019 at 08:07:36PM +0300, Jarkko Sakkinen wrote:
v21:
* Check on mmap() that the VMA does cover an area that does not have
enclave pages. Only mapping with PROT_NONE can do that to reserve
initial address space for an enclave.
* C
On Sat, Jul 13, 2019 at 08:07:36PM +0300, Jarkko Sakkinen wrote:
> v21:
> * Check on mmap() that the VMA does cover an area that does not have
> enclave pages. Only mapping with PROT_NONE can do that to reserve
> initial address space for an enclave.
> * Check om mmap() and mprotect() that the
Intel(R) SGX is a set of CPU instructions that can be used by applications
to set aside private regions of code and data. The code outside the enclave
is disallowed to access the memory inside the enclave by the CPU access
control. In a way you can think that SGX provides inverted sandbox. It
prot
3 matches
Mail list logo