Accounting and Page Migration Challenges in Secure Guests Using FD-Based Private Memory
Offered By: KVM Forum via YouTube
Course Description
Overview
Explore the challenges of accounting and page migration in secure guests using FD-based private memory in this KVM Forum conference talk. Delve into the threat model for confidential virtual machines (CVMs) and understand how it impacts the trusted computing base (TCB). Learn about ongoing efforts to harden Linux against misbehaving device emulations and discover why certain security-sensitive devices require emulation within the TCB. Examine the COCONUT Secure VM Service Module (SVSM) and its utilization of VM privilege levels on AMD SEV-SNP hardware to provide secure services and device emulations for CVMs. Gain insights into the project's origins, its relationship to other SVSM implementations, and its integration into the KVM virtualization stack. Explore the underlying design principles and participate in discussions about future plans, including ideas for emulating security-sensitive devices and data storage solutions.
Syllabus
Accounting and page migration challenges in Secure guests using FD-based private memory
Taught by
KVM Forum
Related Courses
Confidential Computing in Cloud and EdgeRSA Conference via YouTube The Rise of Confidential Computing
RSA Conference via YouTube Enabling Rack-Scale Confidential Computing Using Heterogeneous Trusted Execution Environment
IEEE via YouTube Architectural Extensions for Hardware Virtual Machine Isolation to Advance Confidential Computing in Public Clouds
Linux Foundation via YouTube The Open Enclave SDK - Confidential Computing with Trusted Apps
Linux Foundation via YouTube