#spectrum on 2019-09-30

2019-08-29 20:55 qyliss changed the topic of #spectrum to: A compartmentalized operating system | https://spectrum-os.org/ | Logs: https://logs.spectrum-os.org/spectrum/

02:09 danderson has quit [Ping timeout: 264 seconds]

02:09 danderson has joined #spectrum

08:22 pie__ has joined #spectrum

08:26 pie_ has quit [Ping timeout: 240 seconds]

08:56 pie__ has quit [Ping timeout: 240 seconds]

09:45 pie_ has joined #spectrum

09:59 pie_ has quit [Ping timeout: 265 seconds]

10:11 pie_ has joined #spectrum

10:25 pie_ has quit [Ping timeout: 276 seconds]

11:04 pie_ has joined #spectrum

11:45 pie_ has quit [Ping timeout: 245 seconds]

12:38 Shell has quit [Quit: ZNC 1.7.4 - https://znc.in]

12:38 qyliss has quit [Quit: bye]

12:39 Shell has joined #spectrum

12:40 qyliss has joined #spectrum

12:46 zakx_ is now known as zakx

12:47 zakx has quit [Changing host]

12:47 zakx has joined #spectrum

12:55 spacekookie has quit [Quit: **agressive swooshing**]

12:57 spacekookie has joined #spectrum

14:12 pie_ has joined #spectrum

17:08 ehmry has quit [Ping timeout: 245 seconds]

17:45 ehmry has joined #spectrum

20:16 <qyliss> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=250c6c31228d

20:19 <pie_> is that good or bad

20:19 <pie_> i think this is the kind of stuff we were trying to avoid right? or are these secure enclave things not inherently bad

20:20 <multi> qyliss: does the talos II's silicon have that feature available?

20:23 <Shell> this is a similar sort of thing to Intel SGX, right?

20:25 <pie_> thats the initial impression. some quick googling yields this possibly useful https://www.reddit.com/r/OpenPOWER/comments/7vyq5r/power_architecture_ultravisor_state/

20:25 <qyliss> pie_: Secure Enclave can be good!

20:25 <qyliss> I use mine

20:26 <Shell> do we know is this new firmware is to be open-source?

20:26 <qyliss> http://osresearch.net/

20:27 <pie_> damn lol looks like they used bluespec for some stuff?

20:27 <pie_> 3.2.3. BUILDING THE ACM BLUESPEC FPGA MODEL OF A POWER PC SERVER PROCESSOR ........................................................................................................... 9

20:27 <qyliss> multi: > A new ISA release will include the PEF RFC02487 changes.

20:27 <qyliss> So I assume not currently

20:27 <Shell> "This firmware, which we refer to as the Ultravisor, will be open sourced to provide increased transparency and to allow the community to review and strengthen its security." yay!

20:28 <pie_> qyliss: huh. havent seen this before.

20:32 <qyliss> Although, who knows when the documentation was written

20:32 <hyperfekt> 'ultravisor' sounds pretty cool but essentially this is hypervisor nesting iiuc?

20:33 <pie_> 3.2.3.BUILDING THE ACM BLUESPEC FPGA MODEL OF A POWER PC SERVER PROCESSOR This approach was done by modifying an existing Bluespec PowerPCserver class processor model. A demonstration was run on a Verilog simulator and was shown atthe DHS S&T PI meeting in December 2014. The architecture of the ACM Bluespec model isshown in Figure 3.

20:33 <pie_> i wonder if bluespec was still haskell in 2014

20:34 <hyperfekt> so essentially the question if this is good or bad rests on your opinion of the ultravisor firmware?

20:45 <qyliss> hyperfekt: well, my understanding is that the ultravisor does less

20:53 <hyperfekt> qyliss: Ah yes, on second read. I like the concept. Just unfortunate that there's only a single trust domain apparently? And what's the difference to stuff like AMD SEV and Intel TME?

20:54 <qyliss> Not sure