[lxc-devel] Question on hardware-guaranteed security in the new LXD hypervisor for containers

Stéphane Graber stgraber at ubuntu.com
Mon Nov 24 21:12:56 UTC 2014


On Tue, Nov 18, 2014 at 12:10:41PM -0500, Bhushan Jain wrote:
> Hi,
> I am a PhD candidate at Stony Brook University working in the area of
> system security.
> I had a few questions about the hardware-guaranteed security announced at
> http://www.ubuntu.com/cloud/tools/lxd.
> 
> 1. Which guarantees are we actually talking about here?
> 2. Does anyone have an idea about what is planned and what is the status of
> this support?
> 3. Does the linux kernel have to be changed to support this hardware?
> 4. How soon can we expect to be able to use in practice these hardware
> guarantees?
> 5. How is this new hardware different from say VT-x or SGX developed by
> Intel?
> 
> The current design documents in the lxd github repository don't seem to
> discuss this design space.
> 
> Thanks,
> Bhushan

I know this isn't the answer you were hoping for an believe me it's not
one I like to give, but we're unfortunately not at liberty to discuss
this at this point :(

Sorry

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20141124/facfa471/attachment.sig>


More information about the lxc-devel mailing list