[RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME)
Sakkinen, Jarkko
jarkko.sakkinen at intel.com
Thu Dec 13 05:52:12 UTC 2018
On Thu, 2018-12-13 at 07:49 +0200, Jarkko Sakkinen wrote:
> On Thu, 2018-12-13 at 07:27 +0800, Huang, Kai wrote:
> > > This all should be summarized in the documentation (high-level model and
> > > corner cases).
> >
> > I am not sure whether it is necessary to document L1TF explicitly, since it
> > is
> > quite obvious that MKTME doesn't prevent that. IMHO if needed we only need
> > to
> > mention MKTME doesn't prevent any sort of cache based attack, since data in
> > cache is in clear.
> >
> > In fact SGX doesn't prevent this either..
>
> Sorry, was a bit unclear. I meant the assumptions and goals.
I.e. what I put in my earlier response, what belongs to TCB and what
types adversaries is pursued to be protected.
/Jarkko
More information about the Linux-security-module-archive
mailing list