Jarkko Sakkinen
Posts
5207Following
340Followers
521OpenPGP: 3AB05486C7752FE1
@kernellogger I was thinking first to give a shot with SGX because I know the opcodes really well but since I have already this crate [1] and TPM2 affects my life more than SGX ATM, let's try that at first :-)
[1] https://crates.io/crates/tpm2-protocol
[1] https://crates.io/crates/tpm2-protocol
0
0
0
@kernellogger For TPM2 type of devices having Rust to manage emulation is quite essential given the combination of structural complexity and cryptography in the binary protocol.
I could imagine that Rust could be also a great angle to deliver confidential computing opcodes for QEMU.
I could imagine that Rust could be also a great angle to deliver confidential computing opcodes for QEMU.
1
0
1
@kernellogger Not as many may know this but QEMU also has a nice Rust integration these days.
I implemented a feature for integrated TPM chip emulations in QEMU, and have a profile for Infienon SLB 9672 in progress. It's a half-C-half-Rust feature and so far progress has been smooth. VM sees my chip etc. and the developer experience has been surprisingly smooth :-)
I implemented a feature for integrated TPM chip emulations in QEMU, and have a profile for Infienon SLB 9672 in progress. It's a half-C-half-Rust feature and so far progress has been smooth. VM sees my chip etc. and the developer experience has been surprisingly smooth :-)
1
0
6
Jarkko Sakkinen
repeated
repeated
Thorsten Leemhuis (acct. 1/4)
kernellogger@hachyderm.ioThe #Rust support in the #Linux #kernel is now officially a first class citizen and not considered experimental any more:
https://git.kernel.org/torvalds/c/9fa7153c31a3e5fe578b83d23bc9f185fde115da; for more details, see also: https://lwn.net/Articles/1050174/
This is one of the highlights from the main #RustLang for #LinuxKernel 7.0 that was merged a few hours ago ; for others, see https://git.kernel.org/torvalds/c/a9aabb3b839aba094ed80861054993785c61462c
2
17
1
Jarkko Sakkinen
jarkko
Edited yesterday
I'll replace the test-container.c from the original patch set with kcontainer.c, which is a stripped down container manager, and a shell script containing the test cases.
It's really just a wrapper for container_* but should demonstrate with reasonable realism the capabilities of the kernel feature.
It's really just a wrapper for container_* but should demonstrate with reasonable realism the capabilities of the kernel feature.
0
0
0
Jarkko Sakkinen
jarkko
A new Git subcommand I was not aware of: git range-diff. It compares two versions of branch.
This came up now that I forked dhowell's container object patch set.
E.g.,
git range-diff refs/remotes/fs/container...container
This came up now that I forked dhowell's container object patch set.
E.g.,
git range-diff refs/remotes/fs/container...container
0
1
2
Jarkko Sakkinen
jarkko
Edited 2 days ago
Overall this looks stil very wrong but some very basics have been put in place:
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=container
Basic plumbing:
1. Some splitting to chunks that make more sense.
2. scripts/checkpatch.pl --strict -g master..container passes.
3. I implemented the missing container_wait and container_kill (only compiled-tested).
Next step is to substitute a random test program with a kselftest. After that this can be actually hammered.
These patches have at least a potential to simplify container runtimes quite a lot. And preparation and launch are well-ordered given container_fork().
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=container
Basic plumbing:
1. Some splitting to chunks that make more sense.
2. scripts/checkpatch.pl --strict -g master..container passes.
3. I implemented the missing container_wait and container_kill (only compiled-tested).
Next step is to substitute a random test program with a kselftest. After that this can be actually hammered.
These patches have at least a potential to simplify container runtimes quite a lot. And preparation and launch are well-ordered given container_fork().
0
0
0
@oleksandr With swcam the basis of nack was "not useful for companies creating V4L2 associated hardware => not useful for anyone", or this is how I summarized it at least in my mind.
I'd except at least a more reasonable nack and maybe even learn something in the process; the bar is quite low atm :-)
I'd except at least a more reasonable nack and maybe even learn something in the process; the bar is quite low atm :-)
0
0
0
Jarkko Sakkinen
jarkko
@oleksandr i consider nack as done :-) i just want fully drain my backlog.
1
0
0
Jarkko Sakkinen
jarkko
hooray, i have container_create() syscall running on top of mainline tip.
can't wait to write some cool tests for this :-)
this is by definition "against the odds" feature...
can't wait to write some cool tests for this :-)
this is by definition "against the odds" feature...
1
0
2
Jarkko Sakkinen
jarkko
The defence project in EU that could not get enough funding: https://defence-industry-space.ec.europa.eu/eu-space/iris2-secure-connectivity_en
Because option B is to call to Musk :-)
Because option B is to call to Musk :-)
0
0
0
@vbabka It has also a slightly different goal if I got it right. i do emulation and cocoon-tpm does production (in an enclave or whatever SEV VM workloads are called). they could find possibly tpm2-protocol crate useful tho as it is an isolated binariy parser (no IO or similar ties, requires only stack).
It's good to keep this project in mind tho. I mean probably there is a meningful intersection of code eventually. Just get things going on I'll take max redundancy path for the time being :-) Probably a bunch of projects would benefit a common emulator core (in SGX, TDX enclaves for instance and what-TEE-not).
It's good to keep this project in mind tho. I mean probably there is a meningful intersection of code eventually. Just get things going on I'll take max redundancy path for the time being :-) Probably a bunch of projects would benefit a common emulator core (in SGX, TDX enclaves for instance and what-TEE-not).
0
0
1
Jarkko Sakkinen
jarkko
Edited 3 days ago
I think getting some kind of version of QEMU TPM integrated emulation by LSS 2026 CfP would be a resonable goal.
I was feeling that TPM2 crate stuff alone was somehow incomplete but that would definitely close the circle for the topic :-)
I have my command-line tool tpm2sh but it does not take the topic out of the closure of my own doings...
Great.
I was feeling that TPM2 crate stuff alone was somehow incomplete but that would definitely close the circle for the topic :-)
I have my command-line tool tpm2sh but it does not take the topic out of the closure of my own doings...
Great.
0
0
0
Jarkko Sakkinen
jarkko
https://github.com/rust-vmm/vm-memory/issues/371
https://github.com/enarx/enarx/pull/2617
This is not super important for me but I talked about this with vm-memory year ago and then I did not have any code to demonstrate the issue so it bothered me :-)
https://github.com/enarx/enarx/pull/2617
This is not super important for me but I talked about this with vm-memory year ago and then I did not have any code to demonstrate the issue so it bothered me :-)
0
0
1
@suihkulokki @stsquad And defining memory layout etc. it's all unsafe. You can probably make it syntactically nicer and feel less unsafe but in the end of the day you're still out of the sandbox you're defining. Syntax does add to complexity in this sense, and it is the price of using Rust.
0
0
0
Jarkko Sakkinen
jarkko
@suihkulokki @stsquad It's exactly like that. It's near proximity enough that if you've looked a lot of C and Assembly during course of your life it is easy to have in the ballpark idea of how C will transform.
1
0
1
Jarkko Sakkinen
jarkko
The first time I got copilot feedback: https://github.com/himmelblau-idm/himmelblau/pull/1079
4/7 require additional feedback i.e., this pretty much explains why *what* is really the time consuming part, at least when aiming to production quality. In other words, you have unlimited ways to implement a functionality but no computation can cherry pick exactly right form from the unlimited options.
4/7 require additional feedback i.e., this pretty much explains why *what* is really the time consuming part, at least when aiming to production quality. In other words, you have unlimited ways to implement a functionality but no computation can cherry pick exactly right form from the unlimited options.
0
0
1
@stsquad Area where I still don't think Rust has an edge: early initialization code of kernel. In that it is super important to roughly have an idea of the generated assembly code while you develop and debug it. You are defining the basic constraints of e.g. mm at that point of time, so I just don't pragmatically get Rust at that point.
I don't believe one-tool-conquers-it-all world. Everything should be evaluated by the context.
I don't believe one-tool-conquers-it-all world. Everything should be evaluated by the context.
2
0
1