Hi Ron,

On Sun, Jun 24, 2018 at 12:55 AM, ron minnich rminnich@gmail.com wrote:

On Wed, Jun 20, 2018 at 11:03 PM Taiidan@gmx.com Taiidan@gmx.com wrote:

...

Whats the deal with SMM? What a shame they thought to add it.

It's a huge disappointment. I made some effort a few years ago to try to convince folks this was a bad idea and failed.

I'm no longer as optimistic as I was about RISC-V. There seems to be a real push to be "just like x86".

IIRC, Machine mode in RISC-V is just looking similar to SMM in x86. But it can do more than what SMM does. It helps to enclave-based solution. I'm looking forward to see the open solution, e.g: Sanctum, Keystone, etc to land into production environment.

btw: can't agree w/ you more about we need more open implementation than Hifive unleashed.

[1] Secure Processors Part I: Background, Taxonomy for Secure Enclaves and Intel SGX Architecture: https://people.csail.mit.edu/devadas/pubs/part_1.pdf

[2] Secure Processors Part II: Intel SGX Security Analysis and MIT Sanctum Architecture: https://people.csail.mit.edu/devadas/pubs/part_2.pdf

[3] Keystone: https://keystone-enclave.org/