(someone from the matrix team just confirmed matrix.org is seeing a lot of traffic this month and "if you're using matrix.org atm you're going to have a bad time")
Bandan Das
@whitebrandy
(someone from the matrix team just confirmed matrix.org is seeing a lot of traffic this month and "if you're using matrix.org atm you're going to have a bad time")
oh this is easy, just run our own matrix server! :)
Nathaniel McCallum
@npmccallum
@axelsimon @haraldh Thanks. All is fine. Ended up being just a rock stuck against the brake rotor.
Lily Sturmann
@lkatalin
Glad everything is okay!
axel simon
@axelsimon
if anyone else is interested, this is mostly off-topic (but not entirely) i'm going to be attending the (somewhat overly optimistically entitled) Open Tech Will Save Us event in 15 min https://twitter.com/matrixdotorg/status/1247872028876693504
there will be presentations of matrix and riot, which is how it somewhat relates to Enarx
Mike Bursell
@MikeCamel
It would be great to have mentors for the two new faces who've shown an interest. 1) engineering/programming person; 2) technical docs person. I think that Shaun volunteered for #2. Anyone else for #1?
Nathaniel McCallum
@npmccallum
@MikeCamel Perhaps we can have a mentorship bug and assign someone to it?
Jon Stoller
@jmstoller_gitlab
Hi, I joined your daily meeting yesterday. Thanks for speaking with me! I wasn't able to find any documentation online about how to get started with any SME instances. IBM casually but vaguely mentioned earlier this month that they will start to support this, but I wasn't able to find more detailed information. Is it possible to access such instances via Red Hat services? Is SME only supported on Linux? I understand that you're developing an interface to help people make use of memory encryption. Do you have any documentation explaining what your product will support? Thanks again :)
Nathaniel McCallum
@npmccallum
@jmstoller_gitlab We aren't using AMD SME. We're using AMD SEV.
(There is currently a lot of confusion around these technologies.)
Jon Stoller
@jmstoller_gitlab
Ah thanks @npmccallum, I actually meant SME or SEV. We're interested in both!
Nathaniel McCallum
@npmccallum
SEV is basically a superset of SME plus other features.
joncmu
@joncmu
@jmstoller_gitlab I can answer any questions you might have about IBM's solution announced earlier this month.
Jon Stoller
@jmstoller_gitlab
Thank you @joncmu, I'm wondering how to set up a python application to work with SEV. Is there some documentation on how this would work? I assume this isn't something that can be done entirely in Python but would require some OS level intervention. I'm not sure where to start, so I'd appreciate any guidance.
Nathaniel McCallum
@npmccallum
@jmstoller_gitlab As of today, there isn't a straightforward path to a fully attested and encrypted deployment of Python on SEV.
Jon Stoller
@jmstoller_gitlab
@npmccallum so if I were to boot a full VM in SEV, would the memory be encrypted/decrypted at the level of the VM? Is this something which is already supported by cloud providers?
Nathaniel McCallum
@npmccallum
@jmstoller_gitlab Yes. No.
Jon Stoller
@jmstoller_gitlab
@npmccallum so you would have to purchase a computer and set it up yourself? Is Red Hat close to releasing an online VM that will support this?
Nathaniel McCallum
@npmccallum
@jmstoller_gitlab Today you can get SEV-enabled hardware from various clouds. But Enarx has the only SEV-attestation code in the world (to my knowledge). This is required to turn on encryption. The Virtualization stacks are currently looking at implementing this, but nobody supports it yet.
So the problem is fundamentally a software problem.
Enarx is likely to be first to market, because even if the VM hypervisor supports turning on SEV and attesting it, you can't yet pass keys through the guest BIOS, EFI, bootloader and kernel.
The required support is roughly:
1. Hardware
2. Host Kernel
3. Host VMM (hypervisor)
4. Guest BIOS
5. Guest EFI
6. Guest Bootloader
7. Guest Kernel
8. Cloud Management Software
9. Tenant Deployment Software
Jon Stoller
@jmstoller_gitlab
Ok, thanks for the explanation @npmccallum!
Nathaniel McCallum
@npmccallum
Today we have (1) and (2). Enarx has working but not yet merged (3) and (7) [in Enarx architecture, 4-6 aren't needed]. We also plan to build (8) and (9).
@MikeCamel We should have a slide summarizing ^^^
Edwin Beasant
@ebeasant-arm
Here's something you might be interested in: Cranelift/Wasmtime now up on aarch64 (some tests still WIP): bytecodealliance/wasmtime#1494
That removes a significant blocker for Enarx on aarch64 :-)
Edwin Beasant
@ebeasant-arm
In addition, Redox's aarch64 port has been updated by Robin R over here, which means there's a minimally booting aarch64 kernel. There's also work on the recursive paging approach used here (Robin would like to use linear paging if possible)
Nathaniel McCallum
@npmccallum
@ebeasant-arm wohoo!
Connor Kuehl
@connorkuehl
Almost to 100 stars on the repo!
Lily Sturmann
@lkatalin
:tada: :smile:
Nathaniel McCallum
@npmccallum
@connorkuehl We crossed 50 stars only a few weeks ago!
Mike Bursell
@MikeCamel
Yay!
matrixbot
@matrixbot
kpouget on Freenode \join #enarx
kpouget on Freenode Hello, I'd like to join the Enarx call tomorrow, is 14:00-14:30 GMT the correct time?
Connor Kuehl
@connorkuehl
Hi kpouget! Yes, that's correct
matrixbot
@matrixbot
kpouget on Freenode Connor Kuehl (Gitter), thanks, with the "EST" indication I wasn't sure!
Mike Dombrowski
@m-dombrowski
Hello folks! I discovered the Enarx presentation series at the Red Hat Summit and the project has piqued my interest. I'm interested in the possibility of contributing to the docs. I'd be glad to further explore the possibility with the group whenever someone is available.
Lily Sturmann
@lkatalin
Welcome @m-dombrowski, we're very happy to have your contributions.
Mark Bestavros
@mbestavros
Hello @m-dombrowski -- that's awesome! We'd love your contributions. First place I'd point you to is our wiki: https://github.com/enarx/enarx/wiki
Lily Sturmann
@lkatalin
I think @axelsimon will be a good person to chat with when he's back tomorrow (it's late in his time zone)