Announcement

Collapse
No announcement yet.

Intel SGX Linux Patches Posted For Their 30th Round Of Review

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Intel SGX Linux Patches Posted For Their 30th Round Of Review

    Phoronix: Intel SGX Linux Patches Posted For Their 30th Round Of Review

    Weeks ahead of the Linux 5.8 kernel cycle kicking off it's still not clear if the Intel SGX foundation patches will be ready for merging, but they were sent out today as version 30 of this long-running effort for supporting the Intel enclaves functionality on the mainline kernel...

    http://www.phoronix.com/scan.php?pag...undations-30th

  • #2
    Due to LVI, SGX is useless and you know it.
    Why are you still trying to push it forward?

    Comment


    • #3
      They'll fix LVI in a next microarch iteration and mitigate on current cores. Or you think they should to throw it out of the window and implement a new extantion from scratch just because of some side channel attack?

      Comment


      • #4
        Originally posted by klokik View Post
        They'll fix LVI in a next microarch iteration and mitigate on current cores.
        They can't mitigate because the security researchers who discovered LVI also discovered that it can affect the attestation. If you can fake the attestation then the security guarantees of SGX do not hold any longer.

        OEMs are now disabling undervolting through BIOS updates but that can be circumvented (e.g. with old BIOS). What Intel nor OEMs cannot fix easily is talking to the voltage regulation controller directly which has also been demonstrated.

        Comment

        Working...
        X