Comment by Joel_Mckay
2 days ago
see other comment, the author describes some issues with current hardware virtualization. kvm is also pretty good, but not perfect... and completely irrelevant with GPU pass-through enabled. =3
2 days ago
see other comment, the author describes some issues with current hardware virtualization. kvm is also pretty good, but not perfect... and completely irrelevant with GPU pass-through enabled. =3
Which other approach to security do you consider reliable? Through correctness? Through obscurity?
https://blog.invisiblethings.org/2008/09/02/three-approaches...
Publicly documented encrypted mmu, as it is the only practical way to isolate contexts on parallel cores.
Or some exotic processor no one would ever sell successfully. =3
Intel SGX/TDX and AMD SEV-SNP implemented that (although it was hacked the other day) and some clouds offer it.
What would an encrypted MMU do differently?
3 replies →