Protected KVM on Arm64: A Technical Deep Dive
Offered By: Linux Foundation via YouTube
Course Description
Overview
Dive into a comprehensive technical exploration of Protected KVM (pKVM) for Arm64 architecture in this 50-minute conference talk. Learn about this Confidential Computing solution designed for Arm v8.0+ CPUs, particularly targeting SoCs without dedicated hardware extensions. Discover how pKVM extends the existing KVM/arm64 nVHE hypervisor to manage the CPU's stage-2 MMU, enabling enhanced security through access-control restrictions on host accesses to guest memory. Explore the architecture and implementation of pKVM, including its applicability to various domains such as mobile (Android). Gain insights into potential opportunities for sharing core infrastructure with other Confidential Computing solutions like Intel TDX, AMD SEV, and Arm CC-A.
Syllabus
Protected KVM on Arm64: A Technical Deep Dive - Quentin Perret, Google
Taught by
Linux Foundation
Tags
Related Courses
Improving Bootup Performance of Containers with Overlay Images in TEE EnvironmentsLinux Foundation via YouTube Unifying Confidential Attestation - Strategies and Approaches
Linux Foundation via YouTube No More Turtles: The SecondaryVM Framework - An Alternative to Nested Virtualization
Linux Foundation via YouTube The Five Big Problems with Confidential Containers
Linux Foundation via YouTube Live Migration Architecture for Intel TDX-based Confidential VMs
Linux Foundation via YouTube