[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-keyrings
Subject:    Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME)
From:       "Sakkinen, Jarkko" <jarkko.sakkinen () intel ! com>
Date:       2018-12-13 5:52:12
Message-ID: d33cc487ebce596056096e3db46ee1ae0e9d7da6.camel () intel ! com
[Download RAW message or body]

On Thu, 2018-12-13 at 07:49 +0200, Jarkko Sakkinen wrote:
> On Thu, 2018-12-13 at 07:27 +0800, Huang, Kai wrote:
> > > This all should be summarized in the documentation (high-level model and
> > > corner cases).
> > 
> > I am not sure whether it is necessary to document L1TF explicitly, since it
> > is
> > quite obvious that MKTME doesn't prevent that. IMHO if needed we only need
> > to
> > mention MKTME doesn't prevent any sort of cache based attack, since data in
> > cache is in clear.
> > 
> > In fact SGX doesn't prevent this either..
> 
> Sorry, was a bit unclear. I meant the assumptions and goals.

I.e. what I put in my earlier response, what belongs to TCB and what
types adversaries is pursued to be protected.

/Jarkko

[prev in list] [next in list] [prev in thread] [next in thread]