Secure-Enable PSP + SGX + Initiator Security Virtualise 2022 : Self Tests & Thread control pages *Kernel Base L1:L2,L3:Cache MontiCarlos Processor Feature & Task Manager*

Duke Abbaddon duke.abbaddon at gmail.com
Tue Apr 5 07:22:53 UTC 2022


Secure-Enable PSP + SGX + Initiator Security Virtualise 2022

Proper initiation requires at least a basic permission statement
before kernel load:RS

<VMaWare Initiator>
Firmware, bios load <init>1 }
Boot Loader <init>2         } Enclave 1
Kernel Jack on safe boot <init>3 : Enclave 2
Core Modules <init>4 Enclave 3
System <init><init><init><init><init>

(c)Rupert S https://bit.ly/VESA_BT

> > + * Some 'Enable PSP + SGX' functions require that no cached linear-to-physical address
> > + * mappings are present before they can succeed. Collaborate with
> > + * hardware via ENCLS[ETRACK] to ensure that all cached
> > + * linear-to-physical address mappings belonging to all threads of
> > + * the enclave are cleared. See sgx_encl_cpumask() for details.

Cache Buffer can hide locations from direct attack! <VIRTUALISE LOC>
But does involve a potential page break if not aligned

> > + * Return valid permission fields from a secinfo structure provided by
> > + * user space. The secinfo structure is required to only have bits in
> > + * the permission fields set.
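Review bot: the comment states that the user-supplied secinfo structure "is required to only have bits in the permission fields set" but does not say what the function returns when that requirement is violated (rejected with an error, or silently masked to the permission bits). Since the structure comes from user space, suggest documenting the return value for the invalid-input case explicitly in this comment so callers know the validation contract.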

Virtualise buffer can lazy IO & Lazy DMA #Thread mate DT

> > + * Ensure enclave is ready for SGX2 functions. Readiness is checked
> > + * by ensuring the hardware supports SGX2 and the enclave is initialized
> > + * and thus able to handle requests to modify pages within it.
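Review bot: the comment names the two readiness conditions (SGX2 support in hardware, enclave initialized) but not what the helper returns when either one fails; suggest documenting the return convention so a caller can distinguish an unsupported platform from an enclave that is merely not yet initialized, as the two cases call for different handling.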

Boot time check can validate SGX & PSP & YES Cache a relocatable table,
Direct Read required INT & IO Activations & is not Cache permitted one
presumes. DT

> > Changes since V2:
> > - Include the sgx_ioc_sgx2_ready() utility
> >   that previously was in "x86/sgx: Support relaxing of enclave page
> >   permissions" that is removed from the next version.
> > - Few renames requested >

Broken Alignment DT
Separated BASE Code DT

Strict Code Align =1
Buffer RELOC = 1
Security permission Buffer = 751

Enable PSP + SGX

https://lkml.org/lkml/2022/4/5/29
https://lkml.org/lkml/2022/4/5/27
https://lkml.org/lkml/2022/4/5/25

https://lkml.org/lkml/2022/4/5/50

https://lkml.org/lkml/2022/4/4/982

Self Tests & Thread control pages *Kernel Base L1:L2,L3:Cache
MontiCarlos Processor Feature & Task Manager* >> Reference :
https://science.n-helix.com/2021/11/monticarlo-workload-selector.html

https://lkml.org/lkml/2022/4/5/119
https://lkml.org/lkml/2022/4/5/120
https://lkml.org/lkml/2022/4/5/121
https://lkml.org/lkml/2022/4/5/122
https://lkml.org/lkml/2022/4/5/123
https://lkml.org/lkml/2022/4/5/125
https://lkml.org/lkml/2022/4/5/127
https://lkml.org/lkml/2022/4/5/128
https://lkml.org/lkml/2022/4/5/129
https://lkml.org/lkml/2022/4/5/130

<< Self Tests & Thread control pages *Kernel Base L1:L2,L3:Cache
MontiCarlos Processor Feature & Task Manager*


https://science.n-helix.com/2018/12/rng.html

https://science.n-helix.com/2022/02/rdseed.html

https://science.n-helix.com/2017/04/rng-and-random-web.html

https://science.n-helix.com/2022/02/interrupt-entropy.html

https://science.n-helix.com/2021/11/monticarlo-workload-selector.html

https://science.n-helix.com/2022/03/security-aspect-leaf-hash-identifiers.html


Audio, Visual & Bluetooth & Headset & mobile developments only go so far:

https://science.n-helix.com/2022/02/visual-acuity-of-eye-replacements.html

https://science.n-helix.com/2022/03/ice-ssrtp.html

https://science.n-helix.com/2021/11/ihmtes.html

https://science.n-helix.com/2021/10/eccd-vr-3datmos-enhanced-codec.html
https://science.n-helix.com/2021/11/wave-focus-anc.html
https://science.n-helix.com/2021/12/3d-audio-plugin.html


