-
Notifications
You must be signed in to change notification settings - Fork 16
2024‐11‐27‐CFCC‐Minutes
Date: Wed, Nov 27, 2024, (4th Wed of each month) Time: 6-7 am PST
Meeting Link: https://zoom-lfx.platform.linuxfoundation.org/meeting/99864751424?password=3b15fe50-d16c-40af-8e2f-b6b1b5e7124d
(You should be able to join as 'guest' using your mail-ID.)
- Dec meeting cancelled as it falls on Christmas Day
- Next meeting will be on Wed 22nd Jan 2025
- Community: Aditya Gurajada, John Manferdelli,
Chris Ramming - Broadcom: Ye Li,
Rado Gerganov - Samsung:
Bokdeuk Jeong - Others:
Ashish Pandey,Pari Patel(Univ of Missouri) - Data Village:
Arne Goeteyn, -
Jacob Lagerros(London, Open-Source Silicon computing, startup founder)
Short meeting; low attendance. Several updates from John.
-
Aditya: #250: Follow-up with John to push the intern project proposal further. Started email thread with John
- Brought this up today. John's re-thinking this application-idea as we need a client h/w.
- For applications: John was thinking of requires on one-side a client-device enabled w/CC of some kind
- With upcoming ideas, John is thinking about the Android port angle (see below).
- Brought this up today. John's re-thinking this application-idea as we need a client h/w.
-
Team: Noted couple of new issues and did a bit of updates / scrubbing.
-
John will write-up intern project proposal for application on simulated enclave.
- Ye to help wordsmith proposal to a concrete project idea.
- Aditya to facilitate organizing this into a formal project proposal w/CCC.
-
(John):
-
Gave talk to Germany Academy of Science. May work together to use CC to secure Factory Floors.
- Looking for languages to grant permissions
- Investigating moving CFCC to embedded systems: Need to add code to existing library to work w/embedded systems
- Timeline tbd; More details in Feb 2025
-
Writing applications: No client h/w. Looking for porting to Android & iOS (iPhone).
- "Port" to Android may start in 12/2024. Will need adding some primitives
-
Exploring NSF grants to fund some newer initiatives around CFCC
-
SecureChannel between 2 CC containers w/CFCC: Currently it's integrated protected channel
- Looking into ACL'ed APIs on secure Channel: So we can open up a Secure Channel and use APIs w/ACLs
- ACLs may work on executable-code and / or identity for who's using the APIs.
- Need to investigate which "standard" ACL library / plumbing to use. Something 'standard' will be needed.
- John was thinking about using Berkeley protocols, but this area needs further investigation
- Looking into ACL'ed APIs on secure Channel: So we can open up a Secure Channel and use APIs w/ACLs
-
TBD: CI support for these planned upcoming ports to Android / iOS
-
Ask Samsung: Is there any updates on their CC on ARM - John Needs real ARM h/w for client-device to test stuff.
-
For factory floor automation, some will be Arm machines.
-
-
(Ye): Merged #257 into
/main
-
Submitted #259 for review: Add cppcheck static analysis:
- This also address #251. Fixed as part of this PR.
- For now, we don't need need input from UCB Keystone team.
- Ye "fixed" in a hard-way to get stuff compiling, and removed double-definitions. Fixes problem for cppcheck. (Keystone code had multiple definitions in src and test code.)
- (Aditya had pinged them earlier; no response, yet.)
-
CCC 2025 Call for Papers is open: Summit is on June 17-18, 2025, SFO:
- Submit talks by ** Jan 17th **
-
-
Ye - investigate and come-up with a recommendation for a static analysis tool to be implemented in our repo
-
Rado -- investigate and come-up with a recommendation for a dynamic analysis tool to be implemented in our repo
-
Aditya -- once the tools / processes are identified, will coordinate with Ye & Rado to implement the dev/Ci-processes required.
-
Aditya -- follow-up on code-level cleanup items for Ubuntu-Linux, sev-simulator changes
-
Aditya will take John's recent writeup on Quantum safe crypto algorithms and update Wiki. Work w/ John to finalize.
-
Ye investigated static analysis tooling. Resolved issue #251. Need input from Keystone folks. Aditya to connect Keystone folks & Ye to drive this further.-
(9/25/2024): Ye said he will try to charge-ahead w/local builds to overcome Keystone build issues. Change is not big; but would be better if it's verified by UCB Keystone folks.
-
(Aditya) Pushed off email to UCB Keystone owners asking for engineer to work with Ye on issue #251
-
9/25/2024: Alex from UCB is trying to reach Dayeol Lee.
-
-
Rado will try to push on integrating sanitizers into CFCC builds... back-burner work.
-
(Bokdeuk) Open up a discussion item asking for more info on necessity of using keys provided by local device.
-
(Bokdeuk) Follow-up on #247 to get responses from @jlmucb
-
Ashish: Put-up a Discussion note explaining arch description of s/w components and their plan on how-to integrate with CFCC.