Output:

~/work/local/hello-vm-memory master* 7m 13s
❯ target/debug/hello-vm-memory                    
GuestMemoryMmap { regions: [GuestRegionMmap { mapping: MmapRegion { addr: 0x7f593adbf000, size: 8192, bitmap: (), file_offset: None, prot: 3, flags: 16418, owned: true, hugetlbfs: None }, guest_base: GuestAddress(0) }] }

So, in case you’ve ever wondered, this is how you map anonymous memory with vm-memory crate:

//! Copyright (c) Jarkko Sakkinen 2024

#![deny(clippy::all)]
#![deny(clippy::pedantic)]

use vm_memory::{GuestAddress, GuestMemoryMmap};

fn main() {
    let mem: GuestMemoryMmap<()> =
        GuestMemoryMmap::from_ranges(&[(GuestAddress(0u64), 8192usize)]).unwrap();
    println!("{:?}", mem);
}

The type parameter is for Bitmap.

I’ll do a small test program for each type of memory that we need in Enarx and after that make the changes to the project itself. Changes are simple but the code base is large so this is fastest way to formalize a decent patch.

So next step is /dev/kvm test.

#rust #rustlang #mmap #kvm

#Anonym has the same #privacy bug as #Signal:

1. Claim that they run confidential computing environment.
2. Does not periodically piggyback x.509 of the CPU attestation back to the browser so that it could be compared to the #Intel and #AMD CA’s.

Objectively we can thus come to the conclusion that it is belief system based #security.

Especially this is weird given the collaboration with a browser vendor.

Even for AGPL code confidentiality can be faked by emulating necessary opcodes with a modified QEMU.

The whole core idea of confidential computing is based on exactly to the ability for client to verify that the payload is unmodified. This is just fake marketing.

The security promise is exactly as truthful as it was for ANON phones that FBI sold to crooks ;-)

#Mozilla #Firefox #infosec

As a seldom science paper consumer, not a scientist, I browse 95% of papers from which I need a slice of info on my computer screen, but the 5% that I actually need to understand in depth and detail I always print on paper.

@triskelion i only mind about padding and borders to be more specific

Call sites:

~/work/github/enarx/enarx main
❯ git grep -e Map\< 
crates/enarx-config/src/lib.rs:    pub env: HashMap<String, String>,
src/backend/binary.rs:        pages: Map<perms::ReadWrite>,
src/backend/kvm/builder.rs:    fn map(&mut self, pages: Map<perms::ReadWrite>, to: usize, with: u32) -> anyhow::Result<()> {
src/backend/kvm/builder.rs:    pages: &Map<perms::ReadWrite>,
src/backend/kvm/mem.rs:    backing: Map<perms::ReadWrite>,
src/backend/kvm/mem.rs:    pub fn new(slot: Slot, backing: Map<perms::ReadWrite>) -> Self {
src/backend/kvm/mem.rs:        backing_memory: &Map<perms::ReadWrite>,
src/backend/kvm/mod.rs:        pages: Map<perms::ReadWrite>,
src/backend/sev/builder.rs:        mut pages: Map<perms::ReadWrite>,
src/backend/sev/hasher.rs:    fn map(&mut self, pages: Map<perms::ReadWrite>, to: usize, with: u32) -> anyhow::Result<()> {
src/backend/sgx/builder.rs:    mmap: Map<perms::Unknown>,
src/backend/sgx/builder.rs:        pages: Map<perms::ReadWrite>,
src/backend/sgx/hasher.rs:        pages: Map<perms::ReadWrite>,
src/backend/sgx/mod.rs:    mem: Map<perms::Unknown>,

Compiled #enarx first time for a long time. I'm looking into how feasible it would be to switch the ad-hoc mmap abstraction to rust-vmm/vm-memory crate. #Rust #rustlang

@triskelion i don’t care what window decoration looks like.

@visone i prefer running tmux sessions so that kind of provides me same in all terminals but don’t mind feature to exist

Ya, and another thing I like in foot that the only setting in graphics that I had to change was font. No borders, extra padding etc. in the default configuration. And only other setting I changed was to add F11 shortcut for full-screen. Took about 5 minutes to get it right from finding the project in the first place.

I've tried both alacritty and kitty for some time only to realize that cross-platform terminal is not always the best idea.

E.g. it is pretty hard to find ubiquitos font settings that work for both GNOME and macOS. So on macOS I now use iTerm2 and in GNOME I use this. They play better with the surrounding environment, and possibility have shared configuration was rendered out anyway on how graphics works in each specific OS.

#foot is a super nice #terminal that I just learned to exist: https://codeberg.org/dnkl/foot

#wayland only. has all the modern mandatory stuff but not extras.

@jorgen Some characters like curly brace look beautiful and have that IBM old school vibe ;-)

I've been use catppuccin and its variants for colors lately because it has also nice light background variant that does hurt eyes, and the colors hve that nice Motif/FVWM feel in them ;-)

@aria OK, that's unfortunate! But also expected, as Firefox follows the footsteps of Chrome.

Does not affect my workflow tho. I wonder how is the situation with Iceweasel.

@vbabka Forgot one thing: HEAD@{<index>} can be used to index the reflog entries. It is nice because it is just a bookmark list where new bookmark gets added when ever there is a new commit ID. It is nothing retained in the version control itself.

@vbabka AFAIK or at least for my practical use reflog is can be translated as "undo log" and resetting to any state in it does not mix up rebase state. It will just continue whatever is underneath. Definitely a worthwhile git sub-command to learn properly...

@vbabka ive used it at least countless times when doing the same exact mistake. Rebase just on top of whatever is the underlying git tree. It is in that way stateless

@vbabka git reflog and git reset —hard the previous if in middle of rebase

@kowry i don't have a spotify account or listen any other streaming services 🤷 i just consume a lot of this type of stuff. for youtube link i searched it myself from there.

During holidays I found about #IBM Plex: https://www.ibm.com/plex/

Love this font! Best thing from IBM in years.