28 Feb
2018
28 Feb
'18
9:40 p.m.
On Tue, Feb 27, 2018, at 05:02, Gernot.Heiser@data61.csiro.au wrote:
Running seL4 as the trusted base on SGX would be nice. Unfortunately, SGX has a major shortcoming (which I told the Intel folks as soon as I saw it first): SG enclaves run in Ring 3. Which means there is no protection inside an enclave, you have to trust everything in there, and consequently seL4 is of no help at all.
That's obnoxious and kinda shitty. Hopefully RISC-V can get it right. -- cmr http://octayn.net/ +16038524272