Re: [PATCH v17 18/23] platform/x86: Intel SGX driver

From: Jarkko Sakkinen
Date: Sat Nov 24 2018 - 11:16:09 EST

Next message: Nikolai Merinov: "[PATCH] partitions/efi: Fix partition name parsing in GUID partition entry"
Previous message: kbuild test robot: "Re: [PATCH v5 8/8] pinctrl: lochnagar: Add support for the Cirrus Logic Lochnagar"
Next in thread: Dr. Greg: "Re: [PATCH v17 18/23] platform/x86: Intel SGX driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Nov 20, 2018 at 05:15:08AM -0600, Dr. Greg wrote:
> Malware would not necessarily need the Intel attestation service.
> Once access to the PROVISION bit is available, malware teams could
> simply build their own attestation service.

AFAIK not possible as they wouldn't have access to the root provisioning
key. Can be confirmed from the SDM's key derivation table (41-56).

/Jarkko

Next message: Nikolai Merinov: "[PATCH] partitions/efi: Fix partition name parsing in GUID partition entry"
Previous message: kbuild test robot: "Re: [PATCH v5 8/8] pinctrl: lochnagar: Add support for the Cirrus Logic Lochnagar"
Next in thread: Dr. Greg: "Re: [PATCH v17 18/23] platform/x86: Intel SGX driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]