COCONUT-SVSM on KVM: Progress, Plans, and Challenges

Explore the evolution of COCONUT Secure VM Service Module (COCONUT-SVSM) from a service module for confidential VMs to a paravisor layer for unenlightened operating systems in this 30-minute KVM Forum talk. Discover the COCONUT-SVSM community's achievements over the past year and learn about the project's direction towards paravisor support. Examine the challenges within the COCONUT codebase and upstream adoption in the KVM hypervisor. Gain insights into proposed solutions for supporting AMD SEV-SNP VMPLs and Intel TDX partitioning within KVM and QEMU, with a particular focus on the complexities of IRQ delivery architecture. Presented by Jörg Rödel, a long-term Linux kernel developer specializing in virtualization and confidential computing, and Roy Hopkins, an expert in data protection and isolation technologies with extensive knowledge of Intel SGX and AMD SEV.

COCONUT-SVSM on KVM: Progress, Plans, and Challenges by Jörg Rödel & Roy Hopkins