[Info-vax] CPU Refresher for Programmers
Chris Scheers
chris at applied-synergy.com
Sun Jan 17 18:48:50 EST 2016
Stephen Hoffman wrote:
> On 2016-01-12 03:10:16 +0000, Stephen Hoffman said:
>
>> Yeah, more than a few of these features have been available in systems
>> prior to x86-64 — but these features are now far more common, far
>> cheaper, and just as useful.
>
> Then there are features (complexity) that didn't exist before, such as
> Intel Software Guard Extensions (SGX):
>
> https://software.intel.com/sites/default/files/332680-002.pdf
>
> These enclaves would (hypothetically) be where LMF would be implemented,
> and would provide storage and processing related to each user's private
> keys, for instance. There are other uses likely too, such as a
> foundation for secure delivery.
Conceptually, these "enclaves" look extremely similar to the Data
General MV rings of 40 years ago.
The only way to call code in a ring is through a defined call gate,
outer rings can not access memory in an inner ring, etc.
The way DG used it, the OS used the two innermost rings and user
programs ran in the outermost ring.
Intermediate rings received various subsystems. User written subsystems
were allowed.
Among things, I've seen the intermediate rings running networking,
databases, and cross process communications. Anything that requires
security from malicious (or just flakey) code is a good candidate.
--
-----------------------------------------------------------------------
Chris Scheers, Applied Synergy, Inc.
Voice: 817-237-3360 Internet: chris at applied-synergy.com
Fax: 817-237-3074
More information about the Info-vax
mailing list