Announcement

Collapse
No announcement yet.

Intel SGX Linux Patches Posted For Their 30th Round Of Review

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
    chithanh
    Senior Member

  • chithanh
    replied
    Originally posted by klokik View Post
    They'll fix LVI in a next microarch iteration and mitigate on current cores.
    They can't mitigate because the security researchers who discovered LVI also discovered that it can affect the attestation. If you can fake the attestation then the security guarantees of SGX do not hold any longer.

    OEMs are now disabling undervolting through BIOS updates but that can be circumvented (e.g. with old BIOS). What Intel nor OEMs cannot fix easily is talking to the voltage regulation controller directly which has also been demonstrated.

    Leave a comment:

  • klokik
    Junior Member

  • klokik
    replied
    They'll fix LVI in a next microarch iteration and mitigate on current cores. Or you think they should to throw it out of the window and implement a new extantion from scratch just because of some side channel attack?

    Leave a comment:

  • tildearrow
    Senior Member

  • tildearrow
    replied
    Due to LVI, SGX is useless and you know it.
    Why are you still trying to push it forward?

    Leave a comment:

  • phoronix
    Administrator

  • Intel SGX Linux Patches Posted For Their 30th Round Of Review

    Phoronix: Intel SGX Linux Patches Posted For Their 30th Round Of Review

    Weeks ahead of the Linux 5.8 kernel cycle kicking off it's still not clear if the Intel SGX foundation patches will be ready for merging, but they were sent out today as version 30 of this long-running effort for supporting the Intel enclaves functionality on the mainline kernel...

    http://www.phoronix.com/scan.php?pag...undations-30th
Working...
X