Protected KVM on Arm64: A Technical Deep Dive
Offered By: Linux Foundation via YouTube
Course Description
Overview
Dive into a comprehensive technical exploration of Protected KVM (pKVM) for Arm64 architecture in this 50-minute conference talk. Learn about this Confidential Computing solution designed for Arm v8.0+ CPUs, particularly targeting SoCs without dedicated hardware extensions. Discover how pKVM extends the existing KVM/arm64 nVHE hypervisor to manage the CPU's stage-2 MMU, enabling enhanced security through access-control restrictions on host accesses to guest memory. Explore the architecture and implementation of pKVM, including its applicability to various domains such as mobile (Android). Gain insights into potential opportunities for sharing core infrastructure with other Confidential Computing solutions like Intel TDX, AMD SEV, and Arm CC-A.
Syllabus
Protected KVM on Arm64: A Technical Deep Dive - Quentin Perret, Google
Taught by
Linux Foundation
Tags
Related Courses
vSGX: Virtualizing SGX Enclaves on AMD SEVIEEE via YouTube Securing Linux VM Boot with AMD SEV Measurement
Linux Foundation via YouTube Improving Bootup Performance of Containers with Overlay Images in TEE Environments
Linux Foundation via YouTube No More Turtles: The SecondaryVM Framework - An Alternative to Nested Virtualization
Linux Foundation via YouTube The Five Big Problems with Confidential Containers
Linux Foundation via YouTube