[RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME)

Sakkinen, Jarkko jarkko.sakkinen at intel.com
Thu Dec 13 05:49:22 UTC 2018


On Thu, 2018-12-13 at 07:27 +0800, Huang, Kai wrote:
> > This all should be summarized in the documentation (high-level model and
> > corner cases).
> 
> I am not sure whether it is necessary to document L1TF explicitly, since it is
> quite obvious that MKTME doesn't prevent that. IMHO if needed we only need to
> mention MKTME doesn't prevent any sort of cache based attack, since data in
> cache is in clear.
> 
> In fact SGX doesn't prevent this either..

Sorry, was a bit unclear. I meant the assumptions and goals.

/Jarkko



More information about the Linux-security-module-archive mailing list