2025‐2‐26‐CFCC‐Minutes

Date: Wed, Feb 26, 2025, (4th Wed of each month) Next: Wed, Mar 26, 2025

Time: 6-7 am PST

Meeting Link: https://zoom-lfx.platform.linuxfoundation.org/meeting/99864751424?password=3b15fe50-d16c-40af-8e2f-b6b1b5e7124d

(You should be able to join as 'guest' using your mail-ID.)

Attendees

• Community: Aditya Gurajada, John Manferdelli, Chris Ramming
• Broadcom: Ye Li, Rado Gerganov
• Samsung: Bokdeuk Jeong
• Univ of Missouri: Ashish Pandey, Pari Patel, Bishwas Wagle, Mauro Lemus, Prof. Calyam
• Data Village: Arne Goeteyn,
• Jacob Lagerros (London, Open-Source Silicon computing, startup founder)
• Sakul Gupta, Micron

Agenda

• #250 John has submitted this CFCC-2025: intern project proposal

• Hear about John's updates: We're also implementing an ACL'ed API interface you can use on the secure channel to provide granular protection of resources via the secure channel (So, for example, differentiated private data access.)

  • As we discussed last time, Paul England and I are working on a certifier supported Android implementation and I did a granular access control system for API and highly differentiated sharing over a certifier channel. This facilitates data sharing as well as secure conferencing.

• John asks (BC folks): We're trying to extend CC to client and embedded devices. You also saw, in that proposal, a Raspberry pi based hardware configuration that seems to support it. I thought Broadcom made the RP and I was wondering if you know any of the engineers who could help tell us about the interface.

• Reminder from CCC-TAC: CFCC Annual review: Proposed date - Thu, 06 Mar: John / Chris - Someone needs to respond to Renu Chauhan [email protected]

Status Updates

• 1 day session (sometime in 2/2025) in DC of CC at National Academy of Sciences. John will share Vimeo link. Talk from Qualcomm about diff cc Platforms.

• Paul England (ex-MS) and John working on a co doing research in CC area.

  • John developed secure-integrated protected scure channel. Added stuff to the CFCC library to do granular resource protection.
  • Gives granular access to resources like "files"
  • John has done it in a diff GitHub. Will port to CFCC repo and will generate a PR for this work.
  • John will share info. Aditya to open an Issue for the port.

• Paul & John working on getting CFCC on more clients. Talking to Qualcomm guys about this. To get wider deployment.

  • Working on Android implementation, which is all h/w for now.
  • Qualcomm's CCA is based on ARM architecture; Some discussion happened on this topic (Ye, Bokdeuk ...)
  • John to plan-ahead if any s/w components have to be peeled-off of their work and re-integrate back to CFCC repo

• #260 protobuf issues on Linux - talk to John.

• Notifications:

  • CCC Summit 2025 in SFO 17-18th June, and deadline for submitting presentation proposal is 17th Feb.

• Presentation from U.Missouri Ashish Pandey on their progress with CFCC:

  • Volunteer Edge Computing.

  • Use machines that are not cloud-based and to create group of machines for shared computing resources

  • Workflow from BioInformatics, demo'ing how data passes thru diff tools (in-built processes)

  • Looking at ways to inject CC to improve security of these nodes "volunteered" by 3rd-party providers

  • Want to execute tasks on machines that are CC and secure

  • Would like ACL mechanism built on top of CFCC, so cooperating users can share data between pieces of the workflow

  • Discussion:

    • Sample Py programs are failing due to missing CFCC library

Pending items from past backlog list

• Rado Reassigned to Ye - To investigate and come-up with a recommendation for a dynamic analysis tool to be implemented in our repo

  • 1/29/2025: Revisited. (CFCC wanted us to do this kind of pre-check working.) Pending for now ...

• Aditya -- once the tools / processes are identified, will coordinate with Ye & Rado to implement the dev/Ci-processes required.

• Aditya -- follow-up on code-level cleanup items for Ubuntu-Linux, sev-simulator changes

• Aditya will take John's recent writeup on Quantum safe crypto algorithms and update Wiki. Work w/ John to finalize.

• Ye investigated static analysis tooling. Resolved issue #251.

  • (1/29/2025): Re-discussed. The PR has been merged, and above issue can be closed. Need input from Keystone folks. Aditya to connect Keystone folks & Ye to drive this further.

  • (9/25/2024): Ye said he will try to charge-ahead w/local builds to overcome Keystone build issues. Change is not big; but would be better if it's verified by UCB Keystone folks.

  • (Aditya) Pushed off email to UCB Keystone owners asking for engineer to work with Ye on issue #251

  • 9/25/2024: Alex from UCB is trying to reach Dayeol Lee.

• Rado will try to push on integrating sanitizers into CFCC builds... back-burner work. (Rado's busy; won't be done any time soon.)

• Pari (Univ of Missouri): Trying to create multi-server communication with few diff Linux VMs.

  • Want to establish the connection between a cluster.
  • Want to customize few different workflows within the framework.
  • Was able to build very simple workflows as a POC
  • Using CFCC package to simulate the enclave, to securely process the workflows.
    • Have overcome bootstrap issues with using and integrating apps on top of CFCC library
  • Plan for a short demo on 2/27/2025: Message communication and execution of the workflow

Action Items

• (John asks) Would love to hear the status of ARM CC from Samsung.

• Aditya to follow-up w/Sal asking how the https://www.bestpractices.dev/en/projects/8912#analysis will be updated to reflect Ye's cleanup for static analysis tooling.

• Ye to follow-up w/John on CCC Intern project proposal. Aditya will help coordinate pushing this forward to CCC

• John to coordinate w/ Chris & Ye about CCC annual review

• U.Missouri AIs:

  • Log an Issue for Python example scenario.
  • Open up discussions items for questions they have

• Aditya / Ye - chase the CCC-summit multi-party demo & collateral and share with U.Miss team.