From: "Dr. Greg" <greg@enjellic.com> To: Andy Lutomirski <luto@amacapital.net> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>, Platform Driver <platform-driver-x86@vger.kernel.org>, linux-sgx@vger.kernel.org, Dave Hansen <dave.hansen@intel.com>, "Christopherson, Sean J" <sean.j.christopherson@intel.com>, nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge" <serge.ayoun@intel.com>, shay.katz-zamir@intel.com, haitao.huang@linux.intel.com, Andy Shevchenko <andriy.shevchenko@linux.intel.com>, Thomas Gleixner <tglx@linutronix.de>, "Svahn, Kai" <kai.svahn@intel.com>, mark.shanahan@intel.com, Suresh Siddha <suresh.b.siddha@intel.com>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>, Darren Hart <dvhart@infradead.org>, Andy Shevchenko <andy@infradead.org>, LKML <linux-kernel@vger.kernel.org> Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver Date: Wed, 28 Nov 2018 04:49:41 -0600 [thread overview] Message-ID: <20181128104941.GA23077@wind.enjellic.com> (raw) In-Reply-To: <C11C9312-65BC-460A-8F9F-608E101AE5C1@amacapital.net> On Tue, Nov 27, 2018 at 09:55:45AM -0800, Andy Lutomirski wrote: > > On Nov 27, 2018, at 8:41 AM, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> wrote: > > > >> On Tue, Nov 27, 2018 at 02:55:33AM -0600, Dr. Greg wrote: > >> Since the thread has become a bit divergent I wanted to note that we > >> have offered a proposal for a general policy management framework > >> based on MRSIGNER values. This framework is consistent with the SGX > >> security model, ie. cryptographic rather then DAC based policy > >> controls. This framework also allows a much more flexible policy > >> implementation that doesn't result in combinatoric issues. > >> > >> Our framework also allows the preservation of the current ABI which > >> allows an EINITTOKEN to be passed in from userspace. The framework > >> also supports the ability to specify that only a kernel based launch > >> enclave (LE) should be available if the platform owner or distribution > >> should desire to implement such a model. > >> > >> The policy management framework is straight forward. Three linked > >> lists or their equivalent which are populated through /sysfs > >> pseudo-files or equivalent plumbing. Each list is populated with > >> MRSIGNER values for signing keys that are allowed to initialize > >> enclaves under three separate conditions. > >> > >> 1.) General enclaves without special attribute bits. > >> > >> 2.) Enclaves with the SGX_FLAGS_PROVISION_KEY attribute set. - i.e., > >> 'Provisioning Enclaves'. > >> > >> 3.) Enclaves with the SGX_FLAGS_LICENSE_KEY attribute set - i.e., 'Launch > >> Enclaves'. > >> > >> An all-null MRSIGNER value serves as a 'sealing' value that locks a > >> list from any further modifications. > >> > >> This architecture allows platform policies to be specified and then > >> sealed at early boot by the root user. At that point cryptographic > >> policy controls are in place rather then DAC based controls, the > >> latter of which have perpetual security liabilities in addition to the > >> useability constraints inherent in a DAC or device node model. > >> > >> We have developed an independent implementation of the PSW and > >> arguably have as much experience with issues surrounding how to > >> interact with the device driver as anyone. We have spent a lot of > >> time thinking about these issues and the above framework provides the > >> most flexible architecture available. > > > > Sounds like a lot bloat and policy added to the kernel whereas with > > Andy's proposal you can implement logic to a daemon and provide only > > mechanism to do it. > Well, almost. We'd need SGX_IOC_FREEZE_MR{ENCLAVE,SIGNER} or > similar. Or maybe the daemon could handle the entire loading process. > But this can wait until after the main driver is upstream. > > This does lead to a question: enclaves are kind-of-sort-of mapped > into a given address space. What happens if you issue the various > ioctls in the context of a different mm? For that matter, can two > processes mmap the same enclave? Fascinating. We've been carrying a patch, that drops in on top of the proposed kernel driver, that implements the needed policy management framework for DAC fragile (FLC) platforms. After a meeting yesterday with the client that is funding the work, a decision was made to release the enhancements when the SGX driver goes mainline. That will at least give developers the option of creating solutions on Linux that implement the security guarantees that SGX was designed to deliver. Most importantly, since it implements a driver consistent with the design of SGX, it has the added benefit of allowing system administrators the ability to enable the driver to work on non-FLC (locked) platforms. Since Jarkko confirmed that FLC is the option of platform vendors, this would seem to be important as SGX on Linux will only work in a random fashion dependent on the whims of hardware OEM's in probably a SKU dependent fashion. Which is why the client has interest in the work. Best wishes for a productive remainder of the week. Dr. Greg As always, Dr. G.W. Wettstein, Ph.D. Enjellic Systems Development, LLC. 4206 N. 19th Ave. Specializing in information infra-structure Fargo, ND 58102 development. PH: 701-281-1686 FAX: 701-281-3949 EMAIL: greg@enjellic.com ------------------------------------------------------------------------------ "Five year projections, are you kidding me. We don't know what we are supposed to be doing at the 4 o'clock meeting this afternoon." -- Terry Wieland Resurrection
WARNING: multiple messages have this Message-ID (diff)
From: "Dr. Greg" <greg@enjellic.com> To: Andy Lutomirski <luto@amacapital.net> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>, Platform Driver <platform-driver-x86@vger.kernel.org>, linux-sgx@vger.kernel.org, Dave Hansen <dave.hansen@intel.com>, "Christopherson, Sean J" <sean.j.christopherson@intel.com>, nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge" <serge.ayoun@intel.com>, shay.katz-zamir@intel.com, haitao.huang@linux.intel.com, Andy Shevchenko <andriy.shevchenko@linux.intel.com>, Thomas Gleixner <tglx@linutronix.de>, "Svahn, Kai" <kai.svahn@intel.com>, mark.shanahan@intel.com, Suresh Siddha <suresh.b.siddha@intel.com>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>, Darren Hart <dvhart@infradead.org> Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver Date: Wed, 28 Nov 2018 04:49:41 -0600 [thread overview] Message-ID: <20181128104941.GA23077@wind.enjellic.com> (raw) In-Reply-To: <C11C9312-65BC-460A-8F9F-608E101AE5C1@amacapital.net> On Tue, Nov 27, 2018 at 09:55:45AM -0800, Andy Lutomirski wrote: > > On Nov 27, 2018, at 8:41 AM, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> wrote: > > > >> On Tue, Nov 27, 2018 at 02:55:33AM -0600, Dr. Greg wrote: > >> Since the thread has become a bit divergent I wanted to note that we > >> have offered a proposal for a general policy management framework > >> based on MRSIGNER values. This framework is consistent with the SGX > >> security model, ie. cryptographic rather then DAC based policy > >> controls. This framework also allows a much more flexible policy > >> implementation that doesn't result in combinatoric issues. > >> > >> Our framework also allows the preservation of the current ABI which > >> allows an EINITTOKEN to be passed in from userspace. The framework > >> also supports the ability to specify that only a kernel based launch > >> enclave (LE) should be available if the platform owner or distribution > >> should desire to implement such a model. > >> > >> The policy management framework is straight forward. Three linked > >> lists or their equivalent which are populated through /sysfs > >> pseudo-files or equivalent plumbing. Each list is populated with > >> MRSIGNER values for signing keys that are allowed to initialize > >> enclaves under three separate conditions. > >> > >> 1.) General enclaves without special attribute bits. > >> > >> 2.) Enclaves with the SGX_FLAGS_PROVISION_KEY attribute set. - i.e., > >> 'Provisioning Enclaves'. > >> > >> 3.) Enclaves with the SGX_FLAGS_LICENSE_KEY attribute set - i.e., 'Launch > >> Enclaves'. > >> > >> An all-null MRSIGNER value serves as a 'sealing' value that locks a > >> list from any further modifications. > >> > >> This architecture allows platform policies to be specified and then > >> sealed at early boot by the root user. At that point cryptographic > >> policy controls are in place rather then DAC based controls, the > >> latter of which have perpetual security liabilities in addition to the > >> useability constraints inherent in a DAC or device node model. > >> > >> We have developed an independent implementation of the PSW and > >> arguably have as much experience with issues surrounding how to > >> interact with the device driver as anyone. We have spent a lot of > >> time thinking about these issues and the above framework provides the > >> most flexible architecture available. > > > > Sounds like a lot bloat and policy added to the kernel whereas with > > Andy's proposal you can implement logic to a daemon and provide only > > mechanism to do it. > Well, almost. We'd need SGX_IOC_FREEZE_MR{ENCLAVE,SIGNER} or > similar. Or maybe the daemon could handle the entire loading process. > But this can wait until after the main driver is upstream. > > This does lead to a question: enclaves are kind-of-sort-of mapped > into a given address space. What happens if you issue the various > ioctls in the context of a different mm? For that matter, can two > processes mmap the same enclave? Fascinating. We've been carrying a patch, that drops in on top of the proposed kernel driver, that implements the needed policy management framework for DAC fragile (FLC) platforms. After a meeting yesterday with the client that is funding the work, a decision was made to release the enhancements when the SGX driver goes mainline. That will at least give developers the option of creating solutions on Linux that implement the security guarantees that SGX was designed to deliver. Most importantly, since it implements a driver consistent with the design of SGX, it has the added benefit of allowing system administrators the ability to enable the driver to work on non-FLC (locked) platforms. Since Jarkko confirmed that FLC is the option of platform vendors, this would seem to be important as SGX on Linux will only work in a random fashion dependent on the whims of hardware OEM's in probably a SKU dependent fashion. Which is why the client has interest in the work. Best wishes for a productive remainder of the week. Dr. Greg As always, Dr. G.W. Wettstein, Ph.D. Enjellic Systems Development, LLC. 4206 N. 19th Ave. Specializing in information infra-structure Fargo, ND 58102 development. PH: 701-281-1686 FAX: 701-281-3949 EMAIL: greg@enjellic.com ------------------------------------------------------------------------------ "Five year projections, are you kidding me. We don't know what we are supposed to be doing at the 4 o'clock meeting this afternoon." -- Terry Wieland Resurrection
next prev parent reply other threads:[~2018-11-28 10:52 UTC|newest] Thread overview: 305+ messages / expand[flat|nested] mbox.gz Atom feed top [not found] <20181116010412.23967-1-jarkko.sakkinen@linux.intel.com> 2018-11-16 1:01 ` [PATCH v17 01/23] x86/sgx: Update MAINTAINERS Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 14:22 ` Borislav Petkov 2018-11-16 15:07 ` Jarkko Sakkinen 2018-11-16 20:24 ` Borislav Petkov 2018-11-18 8:20 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 02/23] x86/cpufeatures: Add Intel-defined SGX feature bit Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 14:28 ` Borislav Petkov 2018-11-16 14:28 ` Borislav Petkov 2018-11-16 15:13 ` Jarkko Sakkinen 2018-11-16 15:13 ` Jarkko Sakkinen 2018-11-16 15:18 ` Jarkko Sakkinen 2018-11-16 15:18 ` Jarkko Sakkinen 2018-11-16 20:53 ` Borislav Petkov 2018-11-16 20:53 ` Borislav Petkov 2018-11-16 1:01 ` [PATCH v17 03/23] x86/cpufeatures: Add SGX sub-features (as Linux-defined bits) Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 14:37 ` Borislav Petkov 2018-11-16 14:37 ` Borislav Petkov 2018-11-16 15:38 ` Sean Christopherson 2018-11-16 15:38 ` Sean Christopherson 2018-11-16 23:31 ` Dave Hansen 2018-11-16 23:31 ` Dave Hansen 2018-11-18 8:36 ` Jarkko Sakkinen 2018-11-18 8:36 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 04/23] x86/msr: Add IA32_FEATURE_CONTROL.SGX_ENABLE definition Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 05/23] x86/cpufeatures: Add Intel-defined SGX_LC feature bit Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 06/23] x86/cpu/intel: Detect SGX support and update caps appropriately Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 23:32 ` Dave Hansen 2018-11-16 23:32 ` Dave Hansen 2018-11-18 8:37 ` Jarkko Sakkinen 2018-11-18 8:37 ` Jarkko Sakkinen 2018-11-21 18:17 ` Borislav Petkov 2018-11-21 18:17 ` Borislav Petkov 2018-11-24 13:54 ` Jarkko Sakkinen 2018-11-24 13:54 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 07/23] x86/mm: x86/sgx: Add new 'PF_SGX' page fault error code bit Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 23:33 ` Dave Hansen 2018-11-16 23:33 ` Dave Hansen 2018-11-18 8:38 ` Jarkko Sakkinen 2018-11-18 8:38 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 08/23] x86/mm: x86/sgx: Signal SIGSEGV for userspace #PFs w/ PF_SGX Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 09/23] x86/sgx: Define SGX1 and SGX2 ENCLS leafs Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 10/23] x86/sgx: Add ENCLS architectural error codes Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 11/23] x86/sgx: Add SGX1 and SGX2 architectural data structures Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 12/23] x86/sgx: Add definitions for SGX's CPUID leaf and variable sub-leafs Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 13/23] x86/msr: Add SGX Launch Control MSR definitions Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 17:29 ` Sean Christopherson 2018-11-16 17:29 ` Sean Christopherson 2018-11-18 8:19 ` Jarkko Sakkinen 2018-11-18 8:19 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 14/23] x86/sgx: Add wrappers for ENCLS leaf functions Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 15/23] x86/sgx: Enumerate and track EPC sections Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 16/23] x86/sgx: Add functions to allocate and free EPC pages Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 17/23] x86/sgx: Add sgx_einit() for initializing enclaves Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 18/23] platform/x86: Intel SGX driver Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:37 ` Randy Dunlap 2018-11-16 1:37 ` Randy Dunlap 2018-11-16 11:23 ` Jarkko Sakkinen 2018-11-16 11:23 ` Jarkko Sakkinen 2018-11-19 15:06 ` Jarkko Sakkinen 2018-11-19 15:06 ` Jarkko Sakkinen 2018-11-19 16:22 ` Jethro Beekman 2018-11-19 16:22 ` Jethro Beekman 2018-11-19 17:19 ` Jarkko Sakkinen 2018-11-19 17:19 ` Jarkko Sakkinen 2018-11-19 17:39 ` Jethro Beekman 2018-11-20 10:58 ` Jarkko Sakkinen 2018-11-21 15:24 ` Jarkko Sakkinen 2018-11-19 18:18 ` Andy Lutomirski 2018-11-19 18:18 ` Andy Lutomirski 2018-11-20 11:00 ` Jarkko Sakkinen 2018-11-20 11:00 ` Jarkko Sakkinen 2018-11-19 15:29 ` Andy Lutomirski 2018-11-19 16:19 ` Jarkko Sakkinen 2018-11-19 16:59 ` Andy Lutomirski 2018-11-20 12:04 ` Jarkko Sakkinen 2018-11-22 11:12 ` Dr. Greg 2018-11-22 15:21 ` Andy Lutomirski 2018-11-22 15:21 ` Andy Lutomirski 2018-11-24 17:21 ` Jarkko Sakkinen 2018-11-24 17:21 ` Jarkko Sakkinen 2018-11-24 20:13 ` Dr. Greg 2018-11-24 20:13 ` Dr. Greg 2018-11-26 21:15 ` Jarkko Sakkinen 2018-11-26 21:15 ` Jarkko Sakkinen 2018-11-25 14:53 ` Jarkko Sakkinen 2018-11-25 14:53 ` Jarkko Sakkinen 2018-11-25 16:22 ` Andy Lutomirski 2018-11-25 16:22 ` Andy Lutomirski 2018-11-25 18:55 ` Dr. Greg 2018-11-25 18:55 ` Dr. Greg 2018-11-25 23:51 ` Jarkko Sakkinen [not found] ` <D45BC005-5064-4C75-B486-4E43C454E2F6@amacapital.net> 2018-11-26 0:37 ` Andy Lutomirski 2018-11-26 0:37 ` Andy Lutomirski 2018-11-26 11:00 ` Dr. Greg 2018-11-26 11:00 ` Dr. Greg 2018-11-26 18:22 ` Andy Lutomirski 2018-11-26 18:22 ` Andy Lutomirski 2018-11-26 22:16 ` Jarkko Sakkinen 2018-11-26 22:16 ` Jarkko Sakkinen 2018-11-26 21:51 ` Jarkko Sakkinen 2018-11-26 21:51 ` Jarkko Sakkinen 2018-11-26 23:04 ` Jarkko Sakkinen 2018-11-26 23:04 ` Jarkko Sakkinen 2018-11-27 8:55 ` Dr. Greg 2018-11-27 8:55 ` Dr. Greg 2018-11-27 16:41 ` Jarkko Sakkinen 2018-11-27 16:41 ` Jarkko Sakkinen 2018-11-27 17:55 ` Andy Lutomirski 2018-11-27 17:55 ` Andy Lutomirski 2018-11-28 10:49 ` Dr. Greg [this message] 2018-11-28 10:49 ` Dr. Greg 2018-11-28 19:22 ` Jarkko Sakkinen 2018-11-28 19:22 ` Jarkko Sakkinen 2018-12-10 10:49 ` Dr. Greg 2018-12-10 10:49 ` Dr. Greg 2018-12-12 18:00 ` Jarkko Sakkinen 2018-12-12 18:00 ` Jarkko Sakkinen 2018-12-14 23:59 ` Dr. Greg 2018-12-14 23:59 ` Dr. Greg 2018-12-15 0:06 ` Sean Christopherson 2018-12-15 0:06 ` Sean Christopherson 2018-12-15 23:22 ` Dr. Greg 2018-12-15 23:22 ` Dr. Greg 2018-12-17 14:27 ` Sean Christopherson 2018-12-17 14:27 ` Sean Christopherson 2018-12-17 13:28 ` Jarkko Sakkinen 2018-12-17 13:28 ` Jarkko Sakkinen 2018-12-17 13:39 ` Jarkko Sakkinen 2018-12-17 13:39 ` Jarkko Sakkinen 2018-12-17 14:08 ` Jarkko Sakkinen 2018-12-17 14:08 ` Jarkko Sakkinen 2018-12-17 14:13 ` Jarkko Sakkinen 2018-12-17 14:13 ` Jarkko Sakkinen 2018-12-17 16:34 ` Dr. Greg 2018-12-17 16:34 ` Dr. Greg 2018-12-17 17:31 ` Sean Christopherson 2018-12-17 17:31 ` Sean Christopherson 2018-12-17 17:49 ` Jarkko Sakkinen 2018-12-17 17:49 ` Jarkko Sakkinen 2018-12-17 18:09 ` Sean Christopherson 2018-12-17 18:09 ` Sean Christopherson 2018-12-17 18:23 ` Jarkko Sakkinen 2018-12-17 18:23 ` Jarkko Sakkinen 2018-12-17 18:46 ` Sean Christopherson 2018-12-17 18:46 ` Sean Christopherson 2018-12-17 19:36 ` Jarkko Sakkinen 2018-12-17 19:36 ` Jarkko Sakkinen 2018-11-27 16:46 ` Jarkko Sakkinen 2018-11-27 16:46 ` Jarkko Sakkinen 2018-11-28 21:52 ` Andy Lutomirski 2018-11-28 21:52 ` Andy Lutomirski 2018-11-27 7:46 ` Jethro Beekman 2018-11-27 16:36 ` Jarkko Sakkinen 2018-11-22 20:56 ` Andy Lutomirski 2018-11-22 20:56 ` Andy Lutomirski 2018-11-23 10:39 ` Dr. Greg 2018-11-23 10:39 ` Dr. Greg 2018-11-24 16:45 ` Jarkko Sakkinen 2018-11-24 16:45 ` Jarkko Sakkinen 2018-11-28 5:08 ` Jarkko Sakkinen 2018-11-28 5:08 ` Jarkko Sakkinen 2018-11-28 5:38 ` Jethro Beekman 2018-12-09 17:01 ` Pavel Machek 2018-12-09 17:01 ` Pavel Machek 2018-11-20 11:15 ` Dr. Greg 2018-11-20 11:15 ` Dr. Greg 2018-11-24 16:15 ` Jarkko Sakkinen 2018-11-24 19:24 ` Dr. Greg 2018-11-26 19:39 ` Jarkko Sakkinen 2018-12-09 17:01 ` Pavel Machek 2018-12-09 17:01 ` Pavel Machek 2018-12-10 14:46 ` Dr. Greg 2018-12-10 14:46 ` Dr. Greg 2018-12-17 17:45 ` Dave Hansen 2018-12-17 17:45 ` Dave Hansen 2018-12-17 18:01 ` Jarkko Sakkinen 2018-12-17 18:01 ` Jarkko Sakkinen 2018-12-17 18:07 ` Dave Hansen 2018-12-17 18:07 ` Dave Hansen 2018-12-17 18:31 ` Jarkko Sakkinen 2018-12-17 18:31 ` Jarkko Sakkinen 2018-12-17 18:36 ` Sean Christopherson 2018-12-17 18:36 ` Sean Christopherson 2018-12-17 18:43 ` Jarkko Sakkinen 2018-12-17 18:43 ` Jarkko Sakkinen 2018-12-17 18:47 ` Dave Hansen 2018-12-17 18:47 ` Dave Hansen 2018-12-17 19:12 ` Andy Lutomirski 2018-12-17 19:12 ` Andy Lutomirski 2018-12-17 19:17 ` Dave Hansen 2018-12-17 19:17 ` Dave Hansen 2018-12-17 19:25 ` Andy Lutomirski 2018-12-17 19:25 ` Andy Lutomirski 2018-12-17 19:54 ` Jarkko Sakkinen 2018-12-17 19:54 ` Jarkko Sakkinen 2018-12-17 19:49 ` Jarkko Sakkinen 2018-12-17 19:49 ` Jarkko Sakkinen 2018-12-17 19:53 ` Dave Hansen 2018-12-17 19:53 ` Dave Hansen 2018-12-17 19:55 ` Andy Lutomirski 2018-12-17 19:55 ` Andy Lutomirski 2018-12-17 20:03 ` Dave Hansen 2018-12-17 20:03 ` Dave Hansen 2018-12-17 20:10 ` Andy Lutomirski 2018-12-17 20:10 ` Andy Lutomirski 2018-12-17 20:15 ` Dave Hansen 2018-12-17 20:15 ` Dave Hansen 2018-12-17 22:36 ` Sean Christopherson 2018-12-17 22:36 ` Sean Christopherson 2018-12-18 1:40 ` Jarkko Sakkinen 2018-12-18 1:40 ` Jarkko Sakkinen 2018-12-17 22:20 ` Sean Christopherson 2018-12-17 22:20 ` Sean Christopherson 2018-12-18 1:39 ` Jarkko Sakkinen 2018-12-18 1:39 ` Jarkko Sakkinen 2018-12-18 3:27 ` Jarkko Sakkinen 2018-12-18 3:27 ` Jarkko Sakkinen 2018-12-18 5:02 ` Andy Lutomirski 2018-12-18 5:02 ` Andy Lutomirski 2018-12-18 13:27 ` Jarkko Sakkinen 2018-12-18 13:27 ` Jarkko Sakkinen 2018-12-18 4:55 ` Andy Lutomirski 2018-12-18 4:55 ` Andy Lutomirski 2018-12-18 13:18 ` Jarkko Sakkinen 2018-12-18 13:18 ` Jarkko Sakkinen 2018-12-18 4:59 ` Andy Lutomirski 2018-12-18 4:59 ` Andy Lutomirski 2018-12-18 13:11 ` Jarkko Sakkinen 2018-12-18 13:11 ` Jarkko Sakkinen 2018-12-18 15:44 ` Sean Christopherson 2018-12-18 15:44 ` Sean Christopherson 2018-12-18 18:53 ` Sean Christopherson 2018-12-18 18:53 ` Sean Christopherson 2018-12-19 5:00 ` Jarkko Sakkinen 2018-12-19 5:00 ` Jarkko Sakkinen 2018-12-19 5:13 ` Jarkko Sakkinen 2018-12-19 5:13 ` Jarkko Sakkinen 2018-12-21 18:28 ` Sean Christopherson 2018-12-21 18:28 ` Sean Christopherson 2018-12-22 0:01 ` Jarkko Sakkinen 2018-12-22 0:01 ` Jarkko Sakkinen 2018-12-19 4:47 ` Jarkko Sakkinen 2018-12-19 4:47 ` Jarkko Sakkinen 2018-12-19 5:24 ` Jarkko Sakkinen 2018-12-19 5:24 ` Jarkko Sakkinen 2018-12-18 1:17 ` Jarkko Sakkinen 2018-12-18 1:17 ` Jarkko Sakkinen 2018-12-18 1:31 ` Jarkko Sakkinen 2018-12-18 1:31 ` Jarkko Sakkinen 2018-12-17 18:48 ` Sean Christopherson 2018-12-17 18:48 ` Sean Christopherson 2018-12-17 19:09 ` Dave Hansen 2018-12-17 19:09 ` Dave Hansen 2018-12-17 19:37 ` Jarkko Sakkinen 2018-12-17 19:37 ` Jarkko Sakkinen 2018-12-17 19:40 ` Dave Hansen 2018-12-17 19:40 ` Dave Hansen 2018-12-17 19:33 ` Jarkko Sakkinen 2018-12-17 19:33 ` Jarkko Sakkinen 2018-12-17 20:21 ` Jarkko Sakkinen 2018-12-17 20:21 ` Jarkko Sakkinen 2018-12-18 13:13 ` Jarkko Sakkinen 2018-12-18 13:13 ` Jarkko Sakkinen 2018-12-18 15:46 ` Sean Christopherson 2018-12-18 15:46 ` Sean Christopherson 2018-12-18 5:55 ` Andy Lutomirski 2018-12-18 5:55 ` Andy Lutomirski 2018-12-19 5:22 ` Jarkko Sakkinen 2018-12-19 5:22 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 19/23] platform/x86: sgx: Add swapping functionality to the " Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 20/23] x86/sgx: Add a simple swapper for the EPC memory manager Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 21/23] platform/x86: ptrace() support for the SGX driver Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 22/23] x86/sgx: SGX documentation Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-12-03 3:28 ` Randy Dunlap 2018-12-03 9:32 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 23/23] selftests/x86: Add a selftest for SGX Jarkko Sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 1:01 ` jarkko.sakkinen 2018-11-16 1:01 ` Jarkko Sakkinen 2018-11-16 11:17 ` [PATCH v17 00/23] Intel SGX1 support Jarkko Sakkinen 2018-11-16 11:17 ` Jarkko Sakkinen 2018-11-16 11:17 ` jarkko.sakkinen 2018-11-16 11:17 ` Jarkko Sakkinen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181128104941.GA23077@wind.enjellic.com \ --to=greg@enjellic.com \ --cc=andriy.shevchenko@linux.intel.com \ --cc=andy@infradead.org \ --cc=bp@alien8.de \ --cc=dave.hansen@intel.com \ --cc=dvhart@infradead.org \ --cc=haitao.huang@linux.intel.com \ --cc=hpa@zytor.com \ --cc=jarkko.sakkinen@linux.intel.com \ --cc=kai.svahn@intel.com \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-sgx@vger.kernel.org \ --cc=luto@amacapital.net \ --cc=luto@kernel.org \ --cc=mark.shanahan@intel.com \ --cc=mingo@redhat.com \ --cc=nhorman@redhat.com \ --cc=npmccallum@redhat.com \ --cc=platform-driver-x86@vger.kernel.org \ --cc=sean.j.christopherson@intel.com \ --cc=serge.ayoun@intel.com \ --cc=shay.katz-zamir@intel.com \ --cc=suresh.b.siddha@intel.com \ --cc=tglx@linutronix.de \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.