Coconut-SVSM - Early Attestation to Unlock Persistent State - KVM Forum
Offered By: KVM Forum via YouTube
Course Description
Overview
Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the ongoing work towards stateful services in the Coconut-SVSM platform for providing secure services to Confidential Virtual Machine guests on AMD SEV-SNP. Delve into the challenges and solutions for preserving state across reboots, enabling fully functional vTPM and persistent secure UEFI variable store for Secure Boot. Learn about the implementation of encrypted persistent storage backed by the host hypervisor, the remote attestation process for key retrieval, and the use of a host-side proxy for server communication. Examine current challenges, potential attacks, and future developments in supporting persistent state in SVSM. Gain insights from Stefano Garzarella, Principal Software Engineer at Red Hat and maintainer of Linux's vsock subsystem, and Oliver Steffen, Software Engineer specializing in confidential virtualization and virtual firmware.
Syllabus
Coconut-SVSM: Early attestation to unlock persistent state by Stefano Garzarella & Oliver Steffen
Taught by
KVM Forum
Related Courses
Google Cloud Confidential Computing: Qwik StartGoogle via Google Cloud Skills Boost A WASM Runtime for FaaS Protected by TEE
Linux Foundation via YouTube Accounting and Page Migration Challenges in Secure Guests Using FD-Based Private Memory
KVM Forum via YouTube Allowing an Intel TDX Module to Run Without SEAM - Development Techniques
Linux Foundation via YouTube AMD SEV-SNP Attestation - Establishing Trust in Guests
Linux Foundation via YouTube