Weidong Sun

Results 8 comments of Weidong Sun

This is a very interesting topic, inode/xattr and pathnames are exactly related to SELinux and AppArmor. Inode/xattr solution is less flexible but you don't need to handle mount namespace/bind mount/symlink. Pathnames...

I think it would be useful to combine CVM with non-CC GPUs. It may not be entirely safe, but it could be considered as an option to GPU more widely...

Thanks for your reply, are there any functions to clear user space C-bit?

On Thursday, September 7, 2023, Jimmy Tan ***@***.***> wrote:

> @wdsun1008 I do not have access to CVM+GPU, so I...

> @wdsun1008
>
> I am trying to implement clearing user-space C-bit. I did not find an existing interface.
>
> You can try executing some simple user-space code to...

@Tan-YiFan [dcu-patch](https://gitee.com/anolis/hygon-devkit/blob/master/csv/confidential-containers/patches/0010-newfeature-Add-patches-and-configs-to-build-5.11-ker.patch) Here is a patch of Hygon DCU kernel, which implemented a user space decrypt function. They don't have any reference in kernel code, maybe the function can be called...

@Tan-YiFan I tried using a simple ko to perform user-space memory decryption, but the GPU computation still returns encrypted text. Here is my test code: ``` # memko.c #include #include...

> @wdsun1008 I am sorry for not testing it successfully. You can refer to [AMDESE/AMDSEV#185](https://github.com/AMDESE/AMDSEV/issues/185), which is a similar issue and has been handled.

No worries, I haven't been successful...

@apostasie The CI errors don't seem to be directly related to the PR. I also can't pass this test case locally when using the main branch, and there is no...