On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> On Tue, Nov 21, 2017 at 12:48:26AM +0100, Thomas Gleixner wrote:
> > The launch enclave is part of the kernel, at least that's what the subject
> > line claims. So why and how would it do a syscall? The kernel has it's
> > internal crypto API.
>
>
On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> On Tue, Nov 21, 2017 at 12:48:26AM +0100, Thomas Gleixner wrote:
> > The launch enclave is part of the kernel, at least that's what the subject
> > line claims. So why and how would it do a syscall? The kernel has it's
> > internal crypto API.
>
>
On Tue, Nov 21, 2017 at 12:48:26AM +0100, Thomas Gleixner wrote:
> The launch enclave is part of the kernel, at least that's what the subject
> line claims. So why and how would it do a syscall? The kernel has it's
> internal crypto API.
It's part of the kernel in the way as lets say code
On Tue, Nov 21, 2017 at 12:48:26AM +0100, Thomas Gleixner wrote:
> The launch enclave is part of the kernel, at least that's what the subject
> line claims. So why and how would it do a syscall? The kernel has it's
> internal crypto API.
It's part of the kernel in the way as lets say code
On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> On Mon, Nov 20, 2017 at 11:43:22PM +0100, Thomas Gleixner wrote:
> > On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> > > On Wed, Nov 15, 2017 at 12:50:06PM +0100, Peter Zijlstra wrote:
> > > > On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen
On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> On Mon, Nov 20, 2017 at 11:43:22PM +0100, Thomas Gleixner wrote:
> > On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> > > On Wed, Nov 15, 2017 at 12:50:06PM +0100, Peter Zijlstra wrote:
> > > > On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen
On Mon, Nov 20, 2017 at 11:43:22PM +0100, Thomas Gleixner wrote:
> On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> > On Wed, Nov 15, 2017 at 12:50:06PM +0100, Peter Zijlstra wrote:
> > > On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen wrote:
> > > > TinyCrypt
On Mon, Nov 20, 2017 at 11:43:22PM +0100, Thomas Gleixner wrote:
> On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> > On Wed, Nov 15, 2017 at 12:50:06PM +0100, Peter Zijlstra wrote:
> > > On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen wrote:
> > > > TinyCrypt
On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> On Wed, Nov 15, 2017 at 12:50:06PM +0100, Peter Zijlstra wrote:
> > On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen wrote:
> > > TinyCrypt (https://github.com/01org/tinycrypt) is used as AES
> > > implementation, which is not timing
On Tue, 21 Nov 2017, Jarkko Sakkinen wrote:
> On Wed, Nov 15, 2017 at 12:50:06PM +0100, Peter Zijlstra wrote:
> > On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen wrote:
> > > TinyCrypt (https://github.com/01org/tinycrypt) is used as AES
> > > implementation, which is not timing
On Wed, Nov 15, 2017 at 12:50:06PM +0100, Peter Zijlstra wrote:
> On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen wrote:
> > TinyCrypt (https://github.com/01org/tinycrypt) is used as AES
> > implementation, which is not timing resistant. Eventually this needs to
> > be replaced with
On Wed, Nov 15, 2017 at 12:50:06PM +0100, Peter Zijlstra wrote:
> On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen wrote:
> > TinyCrypt (https://github.com/01org/tinycrypt) is used as AES
> > implementation, which is not timing resistant. Eventually this needs to
> > be replaced with
On Tue, Nov 14, 2017 at 10:05:05PM +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 14, 2017 at 09:05:09AM -0800, Sean Christopherson wrote:
> > Unless there is some conflict you are worried about, "signing_key.pem" is
> > preferable as the default name so that the key is ignored via the top-level
> >
On Tue, Nov 14, 2017 at 10:05:05PM +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 14, 2017 at 09:05:09AM -0800, Sean Christopherson wrote:
> > Unless there is some conflict you are worried about, "signing_key.pem" is
> > preferable as the default name so that the key is ignored via the top-level
> >
On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen wrote:
> TinyCrypt (https://github.com/01org/tinycrypt) is used as AES
> implementation, which is not timing resistant. Eventually this needs to
> be replaced with AES-NI based implementation that could be either
> - re-use existing AES-NI
On Mon, Nov 13, 2017 at 09:45:25PM +0200, Jarkko Sakkinen wrote:
> TinyCrypt (https://github.com/01org/tinycrypt) is used as AES
> implementation, which is not timing resistant. Eventually this needs to
> be replaced with AES-NI based implementation that could be either
> - re-use existing AES-NI
On Tue, Nov 14, 2017 at 09:05:09AM -0800, Sean Christopherson wrote:
> Unless there is some conflict you are worried about, "signing_key.pem" is
> preferable as the default name so that the key is ignored via the top-level
> .gitignore. The intel_sgx dir should have also a .gitignore to exclude
On Tue, Nov 14, 2017 at 09:05:09AM -0800, Sean Christopherson wrote:
> Unless there is some conflict you are worried about, "signing_key.pem" is
> preferable as the default name so that the key is ignored via the top-level
> .gitignore. The intel_sgx dir should have also a .gitignore to exclude
On Mon, 2017-11-13 at 21:45 +0200, Jarkko Sakkinen wrote:
> This commits implements the in-kernel launch enclave. It is wrapped into
> a user space program that reads SIGSTRUCT instances from stdin and
> outputs launch tokens to stdout.
>
> The commit also adds enclave signing tool that is used
On Mon, 2017-11-13 at 21:45 +0200, Jarkko Sakkinen wrote:
> This commits implements the in-kernel launch enclave. It is wrapped into
> a user space program that reads SIGSTRUCT instances from stdin and
> outputs launch tokens to stdout.
>
> The commit also adds enclave signing tool that is used
This commits implements the in-kernel launch enclave. It is wrapped into
a user space program that reads SIGSTRUCT instances from stdin and
outputs launch tokens to stdout.
The commit also adds enclave signing tool that is used by kbuild to
measure and sign the launch enclave.
This commits implements the in-kernel launch enclave. It is wrapped into
a user space program that reads SIGSTRUCT instances from stdin and
outputs launch tokens to stdout.
The commit also adds enclave signing tool that is used by kbuild to
measure and sign the launch enclave.
22 matches
Mail list logo