Thread (18 messages) 18 messages, 7 authors, 2018-12-11

Re: [PATCH v11 00/13] Intel SGX1 support

From: Jarkko Sakkinen <hidden>
Date: 2018-06-19 15:00:12
Also in: kvm, linux-doc, lkml, platform-driver-x86

On Tue, Jun 12, 2018 at 12:50:12PM +0200, Pavel Machek wrote:
On Fri 2018-06-08 19:09:35, Jarkko Sakkinen wrote:
quoted
Intel(R) SGX is a set of CPU instructions that can be used by applications
to set aside private regions of code and data. The code outside the enclave
is disallowed to access the memory inside the enclave by the CPU access
control.  In a way you can think that SGX provides inverted sandbox. It
protects the application from a malicious host.
Do you intend to allow non-root applications to use SGX?

What are non-evil uses for SGX?

...because it is quite useful for some kinds of evil:
The default permissions for the device are 600.

/Jarkko
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help