[Nottingham] Writing Linux Kernel Functions In CUDA With KGPU

Martin martin at ml1.co.uk
Sat May 7 15:43:41 UTC 2011


On 7 May 2011 16:23, Sergiusz Pawlowicz <sergiusz at pawlowicz.name> wrote:
> On Sat, May 7, 2011 at 15:06, Martin <martin at ml1.co.uk> wrote:
[...]
>> Rather interesting, but one commenter has already picked up on what
>> would be one of my concerns:
>>
>> http://hardware.slashdot.org/comments.pl?sid=2132414&cid=36052010
>>
>> "Is it a good idea for the protected kernel to rely on unprotected
>> code for critical functions such as filesystem operations? I know that
[...]

> i do not get it, do you (eventually a comment author) do not believe
> any userspace encryption can be secure? trojan can do everything with
> all files visible in virtual file system, both encryptfs and the lower
> filesystem (ext4, nfs, xfs, whatever) are registered in the kernel
> vfs, so if we follow this bit, no protection exists.

Not my comment, but it does describe one of my thoughts.


> ... there is selinux, which gives more
> security, but it is not related only to any gpu accelerated
> encryption, but to vfs.
>
> i would love to hear any scenario ...


For example:

Given a multi-user server, could a malicious user (or just an
inquisitive student/academic) eavesdrop on another user by monitoring
the GPU VRAM that is used as workspace for other users?...

And does SELINUX control/monitor beyond just file access rights?

Cheers,
Martin



More information about the Nottingham mailing list