SGX vs LSM (Re: [PATCH v20 00/28] Intel SGX1 support)

Jarkko Sakkinen jarkko.sakkinen at linux.intel.com
Thu May 23 08:23:39 UTC 2019


On Thu, May 23, 2019 at 11:10:48AM +0300, Jarkko Sakkinen wrote:
> On Wed, May 22, 2019 at 03:42:45PM -0700, Andy Lutomirski wrote:
> > As far as I know from this whole discussion, we still haven't come up
> > with any credible way to avoid tracking, per enclave page, whether
> > that page came from unmodified PROT_EXEC memory.
> 
> So is this in the context that the enclave is read from another VMA
> and not through a file descriptor? Is that locked in?

No need to answer. Got in page from Sean's response.

/Jarkko


