Ultravisor state and/or FlexVer as a substitute for confidential/trustworthy rem

AbstractConcept:
I have been occasionally reading the Signal blog,
https://signal.org/blog/secure-value-recovery/
and now that they are once again bringing up SGX as a possible solution to confidential/trustworthy remote processing, I am curious if POWER9's Ultravisor mode along with FlexVer could act as a replacement for SGX.
https://wiki.raptorcs.com/wiki/Power_ISA/Privilege_States#Ultravisor_State

To be honest, I do not fully understand the three (SGX, FlexVer, or P9's Ultravisor), but what Integricloud seems to be claiming to do with FlexVer in terms of allowing a user to verify code running remotely seems awfully similar to how Signal is trying to use SGX to run code on the user's behalf remotely without allowing the SGX server to see the inputs or outputs of the code being executed. From what I have read about Ultravisor state, IBM is certainly positioning it as an alternative to SGX and AMD's Secure Processor memory encryption.
https://developer.ibm.com/articles/l-support-protected-computing/
https://www.kernel.org/doc/html/latest/powerpc/ultravisor.html

As Signal is pretty much the only messaging program I have significant trust in, part of my interest here is that I would like to see Signal using something other than a DRM mechanism to do private remote processing.

Though regardless, the promise of being able to perform confidential processing remotely is intriguing by itself, especially when done without placing absolute and irrevocable trust in the manufacturer.

ClassicHasClass:
I'm doing research for a future Talospace article on the ultravisor, but while it should do something conceptually similar I don't think it's an exact replacement for SGX.

FlexVer seems to have a little different scope and involves tamper protection as well AIUI, but @madscientist159 could say more about that.

madscientist159:

--- Quote from: ClassicHasClass on January 12, 2020, 12:45:10 am ---I'm doing research for a future Talospace article on the ultravisor, but while it should do something conceptually similar I don't think it's an exact replacement for SGX.

FlexVer seems to have a little different scope and involves tamper protection as well AIUI, but @madscientist159 could say more about that.

--- End quote ---

Yes, FlexVer is the technology required to basically harden the systems against direct physical attack.  Since we consider permanent vendor control via e.g. vendor signing keys absolutely unacceptable, some other scheme is required to prevent physical access from silently becoming root / hypervisor root.  That's where FlexVer sits.

We have a few papers online, e.g. https://www.raptorengineering.com/TALOS/documentation/flexver_intro.pdf and https://www.raptorengineering.com/TALOS/documentation/integrimon_intro.pdf .  There's also some information at http://integricloud.com/content/base/service_intro.html , and I'd be happy to answer any direct questions you have.

Since Ultravisor is owner controlled, we'd generally say FlexVer is needed to make sure the Ultravisor image you think you loaded was actually loaded if a hostile physical environment is in play.

@AbstractConcept My standard answer to anyone promoting SGX as a "secure" solution is to ask, do you have an SLA with Intel that will pay out all damages incurred if SGX is implemented wrong, has a firmware bug that allows malicious access, if Intel abuses their keys to gain access to your data (including under court order / with warrant), etc.?  If not, you're just blindly trusting a third party to act in your interests at all times for no real reason.  Not a place I'd like to be, and definitely nothing I'd call "secure".  ;)

rjzak:
So for the sake of clarity, the "v2" POWER9 chips do support the Ultravisor, correct?

The Wiki says POWER9 2.3 does support Ultravisor: https://wiki.raptorcs.com/wiki/POWER9#Steppings
And the Wiki says that Ultravisor does not exist in POWER9: https://wiki.raptorcs.com/wiki/Power_ISA/Privilege_States

I also ask because I'm working on a project (Enarx) which runs workloads in trusted execution environments, such as Intel SGX. I'd like to support POWER9's Ultravisor/PEF if it's available on a Talos II system, and functional (and hopefully documented enough to figure out!).

SiteAdmin:

--- Quote from: rjzak on August 01, 2022, 04:41:49 pm ---So for the sake of clarity, the "v2" POWER9 chips do support the Ultravisor, correct?

--- End quote ---

That is correct, yes.  We're very interested in anything you are able to do with the Ultravisor mode to enhance system security under owner control!