*** sjas_ has joined #kata-general | 05:09 | |
*** sjas has quit IRC | 05:12 | |
kata-dev-irc-bot | <harshal.patil> What is the impact of Intel's TME and MKTME on runtimes based on virtual machines, such as kata? | 05:25 |
kata-dev-irc-bot | <harshal.patil> https://software.intel.com/en-us/blogs/2017/12/22/intel-releases-new-technology-specification-for-memory-encryption | 05:25 |
kata-dev-irc-bot | <harshal.patil> @james.o.hunt @xu | 05:25 |
kata-dev-irc-bot | <harshal.patil> Since you won't be able to decrypt the memory of another process (in the case of MKTME), does running a container inside a VM still offer anything extra in terms of security? Even if a container process exploits a kernel vulnerability and escapes, it won't be able to decrypt the memory pages (in MKTME), in my opinion. | 05:35 |
kata-dev-irc-bot | <harshal.patil> I would like to know what this community thinks about the impact of TME and MKTME on runtimes like these. | 05:35 |
kata-dev-irc-bot | <xu> If you are subscribed to the mailing list, you will find there is a discussion on memory encryption tech (but initiated for AMD's similar tech). | 06:09 |
*** jodh has joined #kata-general | 07:55 | |
*** gwhaley has joined #kata-general | 09:12 | |
*** sjas_ is now known as sjas | 11:27 | |
*** gwhaley has quit IRC | 11:57 | |
*** gwhaley has joined #kata-general | 13:37 | |
*** openstack has joined #kata-general | 17:17 | |
*** ChanServ sets mode: +o openstack | 17:17 | |
*** jodh has quit IRC | 17:37 | |
*** jodh has joined #kata-general | 17:37 | |
*** jodh has quit IRC | 18:07 | |
*** gwhaley has quit IRC | 18:15 |