[RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME)
Sakkinen, Jarkko
jarkko.sakkinen at intel.com
Thu Dec 13 05:49:22 UTC 2018
On Thu, 2018-12-13 at 07:27 +0800, Huang, Kai wrote:
> > This all should be summarized in the documentation (high-level model and
> > corner cases).
>
> I am not sure whether it is necessary to document L1TF explicitly, since it is
> quite obvious that MKTME doesn't prevent that. IMHO if needed we only need to
> mention MKTME doesn't prevent any sort of cache based attack, since data in
> cache is in clear.
>
> In fact SGX doesn't prevent this either..
Sorry, was a bit unclear. I meant the assumptions and goals.
/Jarkko
More information about the Linux-security-module-archive
mailing list