Re: [PATCH v20 00/28] Intel SGX1 support
From: Sean Christopherson
Date: Mon Apr 22 2019 - 12:48:38 EST
On Mon, Apr 22, 2019 at 11:24:11AM -0500, Dr. Greg wrote:
> On Mon, Apr 22, 2019 at 08:01:19AM -0700, Sean Christopherson wrote:
>
> Good morning to everyone, I hope the week is starting well.
>
> > On Sat, Apr 20, 2019 at 11:02:47AM -0500, Dr. Greg wrote:
> > > We understand and support the need for the LSM to trap these
> > > events, but what does LSM provenance mean if the platform is
> > > compromised? That is, technically, the target application for SGX
> > > technology.
>
> > No, it's not. Protecting the kernel/platform from a malicious
> > entity is outside the scope of SGX.
>
> You must have misinterpreted my statement, providing security
> guarantees in the face of a compromised platform is exactly what SGX
> was designed to do and is how Intel is marketing the technology.
Right, and loading a malicious enclave doesn't change those guarantees
(for other enclaves). Ergo, restricting which enclaves can execute is
orthogonal to the security provided by SGX.