There's now a working version of the driver that implements in-kernel
LE available in the 'le' branch.
Later today I'll send an RFC version of the patch set of this feature to
this mailing list. I'll add register clean up and replace enclu with raw
opcode in order to leverage GCC version requirements.
After sending the RFC patch set I'll start replacing TinyCrypt AES with
AES-NI. I'll document this to the cover letter. Another obvious thing
that I've left out from RFC is how /dev/sgx is opened. It makes sense
substitute file descriptor for it inside the kernel before handover
to the user space. The current approach is racy.
I would hope that commentary would be postponed up until I send the
actual patches later today.
Show replies by date