Protected Execution Facility: Enhancing Security for Virtual Machines

Explore the Protected Execution Facility, an architectural modification for IBM Linux and OpenPower Linux servers, in this informative conference talk by Guerney D. H. Hunt from IBM Research. Delve into the challenges of keeping applications and containers secure in the face of attacks and compromised components. Learn about the associated firmware, the Protected Execution Ultravisor, which provides additional security to virtual machines, known as secure virtual machines (SVMs). Discover how this facility supports both normal VMs and SVMs concurrently, and understand the protections and restrictions applied to SVMs. Compare vendor approaches to providing security in potentially compromised hypervisor or OS environments. Gain insights into creating and running SVMs, base principles, architecture implications, revocation, limitations, and boot changes. Examine interfaces to the Ultravisor ultra calls, KVM changes, kernel modifications, and hardware alterations. Conclude with a summary of the Protected Execution Facility and an overview of relevant IBM secure processor products and research.

Intro
Acknowledgements
Team
Objectives for Protected Execution Facility
Creating and Running SVM
Base Principles
Overview of architecture
Architecture implication for the hypervisor
Architecture at the VM level
Revocation
Limitations
Contents of ESM blob
SVM format and Booting
Steps to start Secure VM
Boot Changes
Interfaces to the Ultravior ultra calls
KVM Changes
Kernel Changes
Brief Introduction to some of the hardware changes
Summary of Protected Execution Facility
Relevant IBM secure processor products and Research