Exploring GPU Simulation Capabilities in Keystone's QEMU Implementation
53 views
Skip to first unread message
JLtCC CK
Nov 26, 2023, 6:44:45 AM11/26/23
to Keystone Enclave Forum
Hello Keystone Community,
I am currently exploring the capabilities of the Keystone framework, particularly in relation to its implementation on the QEMU platform. My project involves certain aspects where GPU acceleration might be beneficial, and I am curious about the extent of GPU simulation support within the Keystone-QEMU environment.
Could you please provide information or guidance on the following points?
1. GPU Simulation Support: Does Keystone's implementation in QEMU support GPU simulation? If so, to what extent is this supported (basic graphics, high-performance computing, etc.)?
2. Configuration and Setup: In case GPU simulation is supported, what are the necessary steps for configuration and setup? Are there any specific requirements or limitations that I should be aware of?
3. Performance and Limitations: How does the GPU simulation in Keystone's QEMU environment compare in terms of performance with native hardware? Are there any significant limitations or considerations that I should take into account for development and testing purposes?
4. Use Cases and Recommendations: I would also appreciate any insights or recommendations on use cases where GPU simulation within Keystone-QEMU has been effectively utilized.
Any information, experiences, or advice from the community would be highly beneficial and greatly appreciated. Thank you in advance for your time and assistance.
Best regards,
yan tianming
I am currently exploring the capabilities of the Keystone framework, particularly in relation to its implementation on the QEMU platform. My project involves certain aspects where GPU acceleration might be beneficial, and I am curious about the extent of GPU simulation support within the Keystone-QEMU environment.
Could you please provide information or guidance on the following points?
1. GPU Simulation Support: Does Keystone's implementation in QEMU support GPU simulation? If so, to what extent is this supported (basic graphics, high-performance computing, etc.)?
2. Configuration and Setup: In case GPU simulation is supported, what are the necessary steps for configuration and setup? Are there any specific requirements or limitations that I should be aware of?
3. Performance and Limitations: How does the GPU simulation in Keystone's QEMU environment compare in terms of performance with native hardware? Are there any significant limitations or considerations that I should take into account for development and testing purposes?
4. Use Cases and Recommendations: I would also appreciate any insights or recommendations on use cases where GPU simulation within Keystone-QEMU has been effectively utilized.
Any information, experiences, or advice from the community would be highly beneficial and greatly appreciated. Thank you in advance for your time and assistance.
Best regards,
yan tianming
Eric Thomas Schneider
Dec 1, 2023, 11:18:20 PM12/1/23
to Keystone Enclave Forum
Hi Yan,
Keystone doesn't do anything specific related to GPUs as far as I know. I'm not sure if DMA (direct memory access) could work inside enclave memory; it seems like that would be pretty insecure.
Regarding #1 (and some of the latter questions), it's important to understand that QEMU is a separate project from Keystone. QEMU is an emulator/virtual machine, and yes, it seems to have some implementation for a virtual GPU. I'm guessing it's more for basic graphics, and I'd also wager that the performance is dogshit. That's the price of emulation.
There are some papers on using GPUs in enclaves, although I don't know which use Keystone. I would search through Google Scholar a bit.
I hope that helps a bit? Though I am not an expert in anything.
Eric
Dayeol Lee
Dec 2, 2023, 3:57:28 PM12/2/23
to Eric Thomas Schneider, Keystone Enclave Forum
Hello Yan,
Eric is 100% correct in that Keystone doesn't do anything specific to GPU.
For now, Keystone does not implement anything related to I/O memory protection, nor GPU TEEs.
I believe GPU TEE designs are pretty new and only some newest NVIDIA GPUs support it under confidential VMs (e.g., SEV or TDX).
There is some academic work on GPU TEEs with enclaves (e.g., SGX), or RISC-V-based architecture for device support but I haven't seen Keystone-specific ones so far.
Hope that helps,
Dayeol
--
You received this message because you are subscribed to the Google Groups "Keystone Enclave Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keystone-enclave-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keystone-enclave-forum/8c320f59-21e9-4a03-af41-9ae6bb8aa8d2n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages