Conversation
jarkko

Jarkko Sakkinen

Edited 25 days ago
IMHO, AMD, Intel and ARM should step up and start provide some cheap and accessible hardware that you can use at your home, and not intended for rolling out cash (i.e. something like NUC), but only to allow kernel maintainers and operating system developers to test their server features.

Cheap means here something like less than 1000 euros.

E.g., in Intel SGX the latest and greatest are NUC7's from 2018 and for VM based confidential computing there's nothing appropriate.

Shame on you CPU companies!

#arm #intel #amd #cpu
4
0
2
jarkko

Jarkko Sakkinen

Reply to @jarkko
And would not hurt to widely sponsor that hardware for key maintainers too but even availability would be a great starting point.
1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
It's also short sighted business wise as potential startups cannot experiment with the features.
0
0
0
oleksandr@natalenko.name

Oleksandr Natalenko, MSE verified

Reply to @jarkko

@jarkko

IMHO, AMD, Intel and ARM should step up and …

… switch to RISC-V.

1
0
0
jarkko

Jarkko Sakkinen

Reply to @oleksandr@natalenko.name
Edited 25 days ago
@oleksandr Yeah, well I'm talking about what exists widely :-)

The solution that AMD and Intel provide is to subscribe to their developer programs and get "cloud access". Or something like this was proposed last time I asked about this.

One working alternative would be to provide full QEMU emulation support (which of course cannot do attestation but that does not matter for kernel).
0
0
0
karppinen@mastodon.online

Marko Karppinen

Reply to @jarkko

@jarkko I agree but if you actually need to pick an Intel SGX platform from what exists today, I’d look at mini-itx motherboards with Xeon-E. I’ve run the E-2388G in a SFF case with Noctua fans and it’s been whisper quiet and great.

1
0
1
jarkko

Jarkko Sakkinen

Reply to @karppinen@mastodon.online
Edited 25 days ago
@karppinen I still don't want to spend of my personal money as much as it costs so I review the patches by emulating SGX in my head while looking at Intel SDM :-) Testing is based only on compilation.

I do run final test on NUC7 tho but it does not really give sufficient information whether a feature is actually right.
0
0
0
noodles@social.earth.li

Jonathan McDowell

Reply to @jarkko
@jarkko I'd like a solution that isn't so power hungry. Looks like you need EPYC for SEV-SNP, and minimum base TDP is 120W. I don't want one of those on my desk.
1
0
0
jarkko

Jarkko Sakkinen

Reply to @noodles@social.earth.li
@noodles This is true, not just a money question really :-) Would be nice to have something smaller scale and efficient.
1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
@noodles Cloud access is destined to fail at some point when doing kernel testing or cap to some limitation, which you cannot simply achieve with that type of access. It does not really compare to a local machine...
1
0
0
noodles@social.earth.li

Jonathan McDowell

Reply to @jarkko
@jarkko I generally don't mind remote machines, but it needs bare metal access and decent remote management, not just a VM or only SSH access to a host.
0
0
1
About social.kernel.org

Terms of service

  1. Please do not use this service in violation of the Linux Kernel Code of Conduct. Doing so will result in your account suspension with the referral of the matter to the CoC committee.

  2. "Repeating"/"boosting" someone else's status on this platform will be treated as endorsement and will fall under rule #1.

  3. You are encouraged to use this platform to promote your work on the Linux Kernel, but there is no restriction on permitted topics (with the exception of anything covered by #1 above).

  4. There is no requirement to post in English, but it should be considered the primary language of communication on this platform.

Privacy notice

The admins of this service have access to all posted statuses. They aren't looking, but if it's something they shouldn't know about, then you should not post it on this platform.

Please see the Linux Foundation Privacy Policy, which applies to this platform as well.

Getting your own account

If you would like an account on this instance, please check that the following applies to you:

  • You are listed in MAINTAINERS or CREDITS

  • OR: You have a kernel.org account or email address

  • OR: You have a long and established history of involvement with the Linux Kernel

If the above is true and you agree with the Terms of Service and Privacy Notice listed above, please use these instructions to request an account: