[RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME)
Huang, Kai
kai.huang at intel.com
Wed Dec 12 23:27:33 UTC 2018
> This all should be summarized in the documentation (high-level model and
> corner cases).
I am not sure whether it is necessary to document L1TF explicitly, since it is quite obvious that MKTME doesn't prevent that. IMHO if needed we only need to mention MKTME doesn't prevent any sort of cache based attack, since data in cache is in clear.
In fact SGX doesn't prevent this either..
Thanks,
-Kai
More information about the Linux-security-module-archive
mailing list