On Tue, Jun 26, 2018 at 12:01 AM, Nico Huber nico.h@gmx.de wrote:
On 25.06.2018 09:55, Shawn wrote:> Hi Ron,
On Sun, Jun 24, 2018 at 12:55 AM, ron minnich rminnich@gmail.com wrote:
On Wed, Jun 20, 2018 at 11:03 PM Taiidan@gmx.com Taiidan@gmx.com wrote:
Whats the deal with SMM? What a shame they thought to add it.
It's a huge disappointment. I made some effort a few years ago to try to convince folks this was a bad idea and failed.
I'm no longer as optimistic as I was about RISC-V. There seems to be a real push to be "just like x86".
IIRC, Machine mode in RISC-V is just looking similar to SMM in x86. But it can do more than what SMM does. It helps to enclave-based solution. I'm looking forward to see the open solution, e.g: Sanctum, Keystone, etc to land into production environment.
IMO, putting enclaves on the same silicon as the code you want to protect them from is a failed concept. And more, it's bullshit, it means two separate entities have to own the same physical chip. And SGX proves that it doesn't work (they can't protect the OS from being spied upon from the enclave (see Spectre), how can they ever hope to protect the enclave from the much more powerful OS?).
SGX get rids of the major attack surfaces but a few left( unfortunately, side-channel is one of them). Speaking of "two separate entities have to own the same physical chip", yes and no, IIRC SGX is highly rely on some ME code modules( EPID?) which supposed to be running in another chip. IMOHO, what SGX's problem is that it's not an open solution and it can't be audited properly. It doesn't mean we( RSIC-V?) can't learn anything from it.
IMHO, not RISC-V but the whole industry is at least 20 years away from getting that going (software separation in one piece of silicon, with- out help from the software).
So, no, no marketing false-security tech* that doesn't provide what it promises can justify to pollute an architecture like RISC-V.
Nico
- I know there is a lot of honest research around enclaves, but they all seem to ignore the reality of today's processors.
Well, diff ppl has different requirements. The current status of enclave is not good as expected. It may or may not improve in the future.