Re: [intel-sgx-kernel-dev] SGX notes from KS/LPC

On Wed, Mar 8, 2017 at 10:03 PM, Kai Huang wrote: > === Virtualization considerations === At some point, someone will need to > decide what restrictions if any KVM should impose on its guests' use of SGX. > For example, should KVM limit the set of SGXLEPUBKEYHASH values that

Re: [intel-sgx-kernel-dev] SGX notes from KS/LPC

On Wed, Mar 8, 2017 at 10:03 PM, Kai Huang wrote: > === Virtualization considerations === At some point, someone will need to > decide what restrictions if any KVM should impose on its guests' use of SGX. > For example, should KVM limit the set of SGXLEPUBKEYHASH values that its > guests can use?

Re: SGX notes from KS/LPC

On Wed, Mar 8, 2017 at 12:19 PM, Andy Lutomirski wrote: > There's a change coming to SGX > in future CPUs called "Flexible Launch Control" (marketing speak) and > IA32_PUBKEYHASH (in the SDM) And if you try to look this up, you'll notice that I typed it wrong. It's

Re: SGX notes from KS/LPC

On Wed, Mar 8, 2017 at 12:19 PM, Andy Lutomirski wrote: > There's a change coming to SGX > in future CPUs called "Flexible Launch Control" (marketing speak) and > IA32_PUBKEYHASH (in the SDM) And if you try to look this up, you'll notice that I typed it wrong. It's IA32_SGXLEPUBKEYHASH. Whoops.

Re: SGX notes from KS/LPC

On Wed, Mar 08, 2017 at 12:19:22PM -0800, Andy Lutomirski wrote: > On Wed, Mar 8, 2017 at 10:48 AM, Andy Lutomirski wrote: > > Hi- > > > > Here are my notes on SGX issues from KS/LPC. It seems that I never > > emailed it out to a public list -- oops. It may contain any number

Re: SGX notes from KS/LPC

On Wed, Mar 08, 2017 at 12:19:22PM -0800, Andy Lutomirski wrote: > On Wed, Mar 8, 2017 at 10:48 AM, Andy Lutomirski wrote: > > Hi- > > > > Here are my notes on SGX issues from KS/LPC. It seems that I never > > emailed it out to a public list -- oops. It may contain any number of > > typos or

Re: SGX notes from KS/LPC

On Wed, Mar 8, 2017 at 10:48 AM, Andy Lutomirski wrote: > Hi- > > Here are my notes on SGX issues from KS/LPC. It seems that I never > emailed it out to a public list -- oops. It may contain any number of > typos or outright errors. Willy Tarreau points out that I didn't

Re: SGX notes from KS/LPC

On Wed, Mar 8, 2017 at 10:48 AM, Andy Lutomirski wrote: > Hi- > > Here are my notes on SGX issues from KS/LPC. It seems that I never > emailed it out to a public list -- oops. It may contain any number of > typos or outright errors. Willy Tarreau points out that I didn't define SGX at all.

SGX notes from KS/LPC

Hi- Here are my notes on SGX issues from KS/LPC. It seems that I never emailed it out to a public list -- oops. It may contain any number of typos or outright errors. +++ cut here +++ === Background and terminology === An enclave is an SGX enclave. Once launched, unless the enclave is

SGX notes from KS/LPC

Hi- Here are my notes on SGX issues from KS/LPC. It seems that I never emailed it out to a public list -- oops. It may contain any number of typos or outright errors. +++ cut here +++ === Background and terminology === An enclave is an SGX enclave. Once launched, unless the enclave is