Announcement

Collapse
No announcement yet.

Arm Publishes Initial Confidential Compute Architecture "CCA" Code For Linux VMs

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Arm Publishes Initial Confidential Compute Architecture "CCA" Code For Linux VMs

    Phoronix: Arm Publishes Initial Confidential Compute Architecture "CCA" Code For Linux VMs

    Arm ended out January by publishing an early request for comments (RFC) version of its Confidential Compute Architecture (CCA) support for the Linux kernel so there can be KVM virtualization integration around Arm CCA, a KVM user-space ABI for managing Realms, and Linux guest support for Arm Realms...

    Arm Publishes Initial Confidential Compute Architecture "CCA" Code For Linux VMs - Phoronix
    https://www.phoronix.com/news/Arm-CCA-Linux-RFC-Patches
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    Prepare to see it used for DRM in 3... 2... 1...
    • Likes 1

    Comment

    • #3
      Oh that's the main Goal: https://community.arm.com/arm-commun...one-technology

      I was wondering what the difference is to the already existing TEE/TrustZone: The anoncement is prety straight forward: DRM vendors don't trust each other to fix Arbitrary execution holes, so one unified blackbox sandbox doesn't cut it anymore: you can now have infinite black box sandboxes!

      Comment

      • #4
        Originally posted by Matombo View Post
        Oh that's the main Goal: https://community.arm.com/arm-commun...one-technology

        I was wondering what the difference is to the already existing TEE/TrustZone: The anoncement is prety straight forward: DRM vendors don't trust each other to fix Arbitrary execution holes, so one unified blackbox sandbox doesn't cut it anymore: you can now have infinite black box sandboxes!
        My impression is that trustzone is closer to x86's System Management Mode, which has been around since the DOS days, or various runtime elements of UEFI which I have no doubt get used for DRM somewhere.
        Last edited by Developer12; 02 February 2023, 02:02 PM.

        Comment

        • #5
          I don't know that the comparison to SGX is entirely valid. SGX isn't really a virtual machine technology like what AMD and ARM are putting forward.

          The fact that SGX isn't a full-blown VM and instead is intended to run applications definitely makes it a more attractive target for DRM.

          Comment

          Previous template Next
          Working...
          X