Re: [PATCH] Ability to read the MKTME status from userspace

From: Richard Hughes
Date: Fri Jun 19 2020 - 10:36:58 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.4 041/101] ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb"
Previous message: Greg Kroah-Hartman: "[PATCH 4.4 007/101] ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook"
In reply to: Dave Hansen: "Re: [PATCH] Ability to read the MKTME status from userspace"
Next in thread: Dave Hansen: "Re: [PATCH] Ability to read the MKTME status from userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 19 Jun 2020 at 15:23, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
> Last night, I asked my kids if they brushed their teeth. They said:
> "Dad, my toothbrush was available." They argued that mere availability
> was a better situation than not *having* a toothbrush. They were
> logically right, of course, but they still got cavities.

I don't see how that's comparable, sorry. Surely Intel wants to sell
hardware advertising TME as a security feature?

> > So my take-away from that is that it's currently impossible to
> > actually say if your system is *actually* using TME.
> Not in a generic way, and it can't be derived from cpuid or MSRs alone.

Well, it seems not in any way at the moment.

> I'm pretty sure I'm using TME, but I didn't become sure from
> poking at sysfs.

How do you know that Lenovo didn't disable TME without looking at
dmesg? I don't think "pretty sure" is good enough when TME is
considered a security feature.

Richard

Next message: Greg Kroah-Hartman: "[PATCH 4.4 041/101] ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb"
Previous message: Greg Kroah-Hartman: "[PATCH 4.4 007/101] ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook"
In reply to: Dave Hansen: "Re: [PATCH] Ability to read the MKTME status from userspace"
Next in thread: Dave Hansen: "Re: [PATCH] Ability to read the MKTME status from userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]