YoVDO

Virtualizing Arm TrustZone on KVM

Offered By: KVM Forum via YouTube

Tags

KVM Courses Virtualization Courses Virtual Machines Courses QEMU Courses Trusted Execution Environment Courses ARM TrustZone Courses Confidential Computing Courses OP-TEE Courses Paravirtualization Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the virtualization of Arm TrustZone on KVM in this 28-minute conference talk from KVM Forum. Learn about the current limitations of KVM in supporting TrustZone virtualization and discover the proposed solution to extend KVM for exposing virtual TrustZone to virtual machines. Understand the techniques used to virtualize TrustZone's CPU features, including multiplexing virtual EL3 and secure EL1 on normal world EL1, and the trap-and-emulate approach for handling sensitive instructions. Gain insights into the implementation of virtual secure memory and secure IO mapping in QEMU. Discover the prototype's capability to boot a paravirtualized OP-TEE and learn about future plans for open-sourcing the implementation. Explore potential next steps, including TrustZone exposure to confidential VMs based on pKVM and Arm CCA, as well as QEMU extensions for virtualizing secure IO devices like TZPC.

Syllabus

Virtualizing Arm TrustZone on KVM by Chun Yen Lin & Shih-Wei Li


Taught by

KVM Forum

Related Courses

Xenpwn - Breaking Paravirtualized Devices
SyScan360 via YouTube eBPF-based Extensible Paravirtualization for High Performance Applications
Linux Foundation via YouTube Enabling CI for Windows Guest Paravirtualized Drivers
Linux Foundation via YouTube KVM PV Feature Enablement up the Virtualization Stack
Linux Foundation via YouTube Changing Paravirt Lock-ops for a Changing World
Linux Foundation via YouTube