Jarkko Sakkinen
jarkko
Edited 3 months ago
Overall this looks stil very wrong but some very basics have been put in place:
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=container
Basic plumbing:
1. Some splitting to chunks that make more sense.
2. scripts/checkpatch.pl --strict -g master..container passes.
3. I implemented the missing container_wait and container_kill (only compiled-tested).
Next step is to substitute a random test program with a kselftest. After that this can be actually hammered.
These patches have at least a potential to simplify container runtimes quite a lot. And preparation and launch are well-ordered given container_fork().
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=container
Basic plumbing:
1. Some splitting to chunks that make more sense.
2. scripts/checkpatch.pl --strict -g master..container passes.
3. I implemented the missing container_wait and container_kill (only compiled-tested).
Next step is to substitute a random test program with a kselftest. After that this can be actually hammered.
These patches have at least a potential to simplify container runtimes quite a lot. And preparation and launch are well-ordered given container_fork().
0
0
0
@oleksandr With swcam the basis of nack was "not useful for companies creating V4L2 associated hardware => not useful for anyone", or this is how I summarized it at least in my mind.
I'd except at least a more reasonable nack and maybe even learn something in the process; the bar is quite low atm :-)
I'd except at least a more reasonable nack and maybe even learn something in the process; the bar is quite low atm :-)
0
0
0
Jarkko Sakkinen
jarkko
@oleksandr i consider nack as done :-) i just want fully drain my backlog.
1
0
0
Jarkko Sakkinen
jarkko
hooray, i have container_create() syscall running on top of mainline tip.
can't wait to write some cool tests for this :-)
this is by definition "against the odds" feature...
can't wait to write some cool tests for this :-)
this is by definition "against the odds" feature...
1
0
2
Jarkko Sakkinen
jarkko
The defence project in EU that could not get enough funding: https://defence-industry-space.ec.europa.eu/eu-space/iris2-secure-connectivity_en
Because option B is to call to Musk :-)
Because option B is to call to Musk :-)
0
0
0
@vbabka It has also a slightly different goal if I got it right. i do emulation and cocoon-tpm does production (in an enclave or whatever SEV VM workloads are called). they could find possibly tpm2-protocol crate useful tho as it is an isolated binariy parser (no IO or similar ties, requires only stack).
It's good to keep this project in mind tho. I mean probably there is a meningful intersection of code eventually. Just get things going on I'll take max redundancy path for the time being :-) Probably a bunch of projects would benefit a common emulator core (in SGX, TDX enclaves for instance and what-TEE-not).
It's good to keep this project in mind tho. I mean probably there is a meningful intersection of code eventually. Just get things going on I'll take max redundancy path for the time being :-) Probably a bunch of projects would benefit a common emulator core (in SGX, TDX enclaves for instance and what-TEE-not).
0
0
1
Jarkko Sakkinen
jarkko
Edited 3 months ago
I think getting some kind of version of QEMU TPM integrated emulation by LSS 2026 CfP would be a resonable goal.
I was feeling that TPM2 crate stuff alone was somehow incomplete but that would definitely close the circle for the topic :-)
I have my command-line tool tpm2sh but it does not take the topic out of the closure of my own doings...
Great.
I was feeling that TPM2 crate stuff alone was somehow incomplete but that would definitely close the circle for the topic :-)
I have my command-line tool tpm2sh but it does not take the topic out of the closure of my own doings...
Great.
0
0
0
Jarkko Sakkinen
jarkko
https://github.com/rust-vmm/vm-memory/issues/371
https://github.com/enarx/enarx/pull/2617
This is not super important for me but I talked about this with vm-memory year ago and then I did not have any code to demonstrate the issue so it bothered me :-)
https://github.com/enarx/enarx/pull/2617
This is not super important for me but I talked about this with vm-memory year ago and then I did not have any code to demonstrate the issue so it bothered me :-)
0
0
1
@suihkulokki @stsquad And defining memory layout etc. it's all unsafe. You can probably make it syntactically nicer and feel less unsafe but in the end of the day you're still out of the sandbox you're defining. Syntax does add to complexity in this sense, and it is the price of using Rust.
0
0
0
@suihkulokki @stsquad It's exactly like that. It's near proximity enough that if you've looked a lot of C and Assembly during course of your life it is easy to have in the ballpark idea of how C will transform.
1
0
1
Jarkko Sakkinen
jarkko
The first time I got copilot feedback: https://github.com/himmelblau-idm/himmelblau/pull/1079
4/7 require additional feedback i.e., this pretty much explains why *what* is really the time consuming part, at least when aiming to production quality. In other words, you have unlimited ways to implement a functionality but no computation can cherry pick exactly right form from the unlimited options.
4/7 require additional feedback i.e., this pretty much explains why *what* is really the time consuming part, at least when aiming to production quality. In other words, you have unlimited ways to implement a functionality but no computation can cherry pick exactly right form from the unlimited options.
0
0
1
@stsquad Area where I still don't think Rust has an edge: early initialization code of kernel. In that it is super important to roughly have an idea of the generated assembly code while you develop and debug it. You are defining the basic constraints of e.g. mm at that point of time, so I just don't pragmatically get Rust at that point.
I don't believe one-tool-conquers-it-all world. Everything should be evaluated by the context.
I don't believe one-tool-conquers-it-all world. Everything should be evaluated by the context.
1
0
1
Jarkko Sakkinen
jarkko
@troglobit This is basically collecting the fruits of what I created during the Fall :-)
0
0
1
Jarkko Sakkinen
jarkko
@vbabka At least when it comes to protocol itself I want to base it on https://crates.io/crates/tpm2-protocol but I have to look if some of the code lke crypto primitives would be reusable. I'll take a look at it :-)
tpm2-protocol crate that I did defines a syntax macros to define the full TCG protocol in a bidirectonial way so that it can parse and emit to both directions. And I believe it is the most advanced peace of code for this particular niche :-) That's why it was so easy to ramp beginnings of a QEMU patch.
tpm2-protocol crate that I did defines a syntax macros to define the full TCG protocol in a bidirectonial way so that it can parse and emit to both directions. And I believe it is the most advanced peace of code for this particular niche :-) That's why it was so easy to ramp beginnings of a QEMU patch.
1
0
1
Jarkko Sakkinen
jarkko
I started rebasing and tuning dhowell's old container patches.
Right now I've bumped into use of "init_cred", which was made static in the recent past.
I guess I can address this by:
1. Removing static initialization of the field from struct container.
2. Adding a snippet of code to kernel initialization that assigns the same field dynamically using kernel_cred().
Is this the path I should take?
#linux #kernel
Right now I've bumped into use of "init_cred", which was made static in the recent past.
I guess I can address this by:
1. Removing static initialization of the field from struct container.
2. Adding a snippet of code to kernel initialization that assigns the same field dynamically using kernel_cred().
Is this the path I should take?
#linux #kernel
1
0
0