Re: [RFC PATCH] mm: extend memfd with ability to create "secret" memory areas
From: Florian Weimer <hidden>
Date: 2020-08-26 19:01:42
Also in:
linux-mm, lkml
From: Florian Weimer <hidden>
Date: 2020-08-26 19:01:42
Also in:
linux-mm, lkml
* Andy Lutomirski:
quoted
I _believe_ there are also things like AES-NI that can get strong protection from stuff like this. They load encryption keys into (AVX) registers and then can do encrypt/decrypt operations without the keys leaving the registers. If the key was loaded from a secret memory area right into the registers, I think the protection from cache attacks would be pretty strong.Except for context switches :)
An rseq sequence could request that the AVX registers should be cleared on context switch. (I'm mostly kidding.) I think the main issue is that we do not have a good established programming model to actually use such features and completely avoid making copies of secret data.