Re: [PATCH v20 00/28] Intel SGX1 support

From: Dave Hansen
Date: Thu Apr 18 2019 - 14:31:24 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.19 104/110] f2fs: fix to dirty inode for i_mode recovery"
Previous message: Greg Kroah-Hartman: "[PATCH 4.19 069/110] usbip: fix vhci_hcd controller counting"
In reply to: Andy Lutomirski: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Dr. Greg: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/18/19 10:10 AM, Dr. Greg wrote:
> Both the current controls for enclave access to the PROVISION
> attribute and the security controls that are being proposed to emerge
> for the driver, sometime in the future, suffer from being dependent on
> discretionary access controls, ie. file privileges, that can be
> defeated by a privilege escalation attack. Those of us building
> architectures on top of this technology have a need to certify that an
> application will provide security contracts robust in the face of a
> privilege escalation event or platform compromise.

I'm not following.

Are you saying that the implementation here is too permissive with the
enclaves that are allowed to run? Because it's too permissive, this
leaves us vulnerable to SGX being used to conceal a cache attack?

Next message: Greg Kroah-Hartman: "[PATCH 4.19 104/110] f2fs: fix to dirty inode for i_mode recovery"
Previous message: Greg Kroah-Hartman: "[PATCH 4.19 069/110] usbip: fix vhci_hcd controller counting"
In reply to: Andy Lutomirski: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Dr. Greg: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]