AMD ikambani yekuAmerica processor
Mazuva mashoma apfuura AMD yakavhurwa Kuburikidza ne blog post, iyo kuburitswa kweiyo source code yeiyo AMD SEV kuchengetedza michina (Chengetedza Encrypted Virtualization), iyo ine chinangwa chekudzivirira chaiwo michina kubva pakukanganiswa ne hypervisor kana host system administrator.
Izvo zvinofanirwa kuyeukwa kuti AMD yakatanga SEV muna 2016 seyakachengeteka yakavharidzirwa virtualization chengetedzo mhinduro, nekudaro kugadzirisa matambudziko akasiyana-siyana echinyakare virtualization matekinoroji neiyo hypervisor yaibvumira kuwana kune yevaenzi data.
Zvakakodzera kutaura kuti AMD yakatobatanidza rutsigiro rweSEV mubazi guru reLinux kernel, zvese zvemuenzi uye zveKVM.
Nezvekuburitswa kwekodhi, inotaurwa izvozvo chikonzero chikuru yekuburitswa kwekodhi inodudzwa sechiratidzo chekuzvipira kuvhura sosi mazano (semuenzaniso, AMD iri kutogadzira iyo firmware-inoenderana neopenSIL chirongwa) uye kusimudzira danho rekuwedzera kujeka kwekuchengetedza-nechekuita tekinoroji.
Kunyanya, iyo yakapihwa sosi kodhi inobvumira yakazvimiririra yekuongorora ye AMD SEV kuita.
"Tinorumbidza danho re AMD rekuita kuti zvikamu zvekuchengetedza firmware zviwanikwe kune veruzhinji kuti zviongororwe. "Izvi zvinonyatsoenderana neAzure Confidential Computing philosophy yekumbundira yakavhurika sosi uye kuvhura yedu kodhi pazvinoshanda." Mark Russinovich, CTO weAzure uye tekinoroji shamwari kuMicrosoft.
Nezvekushanda kweSEV, zvinonzi kuchengetedzwa kwe AMD SEV inoshandiswa uchishandisa hardware-level encryption ye virtual machine memory, uko chete iyo yevaenzi sisitimu yainomhanyisa pairi inokwanisa kuwana iyo decrypted data, nepo kune mamwe ese emagetsi emuchina uye hypervisor, vanogashira seti ye encrypted data pavanoyedza kuwana iyi ndangariro.
Encryption makiyi anodzorwa padivi peakaparadzana PSP (Platform Security processor) processor yakabatanidzwa muchip, inoshandiswa pahwaro hweiyo ARM yekuvaka, uye tekinoroji inoenderana neiyo AMD EPYC mhuri yeserver processors.
Ma processor AMD EPYC vanozivikanwa nekuita kwavo uye kuchengetedza maficha, iyo yakagadzirirwa kuchengetedza data pakuzorora, mukufamba uye mukushandiswa. Aya ma processor ari kuwedzera kushandiswa mune inokura portfolio yemakomputa-inogonesa chaiwo michina, inosanganisira Amazon Web Services (AWS), Google Cloud, Microsoft Azure, uye Oracle Compute Infrastructure (OCI).
"Semutungamiri mune zvakavanzika zvemakomputa, takazvipira kuramba tichitsvaga hunyanzvi uye kugadzira zvinhu zvechizvino-zvino zvekuchengetedza izvo zvinoenderana neakanyanya kupihwa makore kubva kune vatinoshanda navo ecosystem," akadaro Mark Papermaster, mutevedzeri wemutungamiri uye mukuru wetekinoroji, AMD. .
"Nekugovana nheyo dzeSEV tekinoroji yedu, tinopa pachena kune zvakavanzika komputa uye tinoratidza kuzvipira kwedu kuvhura sosi. Kuita nharaunda yakavhurika sosi kuchasimbisa iyi tekinoroji yakakosha kune vatinoshanda navo uye vatengi vasingatarisire chinhu chakaderera pane kuchengetedzwa kwakanyanya kwezvinhu zvavo zvakakosha: data ravo. "
Kana ari rezinesi payakaburitswa AMD SEV firmware code, inotaurwa kuti izvi inokubvumira kushandisa, kukopa, kushandura, kugovera uye kugadzira mabasa anotorwa Yekushandisa ne AMD hardware chete.
Rezinesi rinorambidza kuisirwa kodhi mukati zvigadzirwa zvakagoverwa pasi mamwe marezinesi anotyora kana patents. Kuvandudzwa kweFirmware kunoenderera mukati me AMD, iyo isina chinangwa chekugamuchira shanduko kubva kune vechitatu mapato, asi inofunga nezvemhinduro uye mhinduro.
Kune avo vanofarira kodhi, iwe unofanirwa kuziva kuti izvi zvinoburitswa pasi pechibvumirano cherezinesi chakasiyana uye zvinoenderana neSEV FW 1.55.25 firmware inoshandiswa muchizvarwa chechina che AMD EPYC processors uye inogona kubvunzwa paGitHub pa. iyo inotevera repository.
pakupedzisira kana uri kufarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo mu inotevera chinongedzo.