YoVDO

Virtualizing Arm TrustZone on KVM

Offered By: KVM Forum via YouTube

Tags

KVM Courses Virtualization Courses Virtual Machines Courses QEMU Courses Trusted Execution Environment Courses ARM TrustZone Courses Confidential Computing Courses OP-TEE Courses Paravirtualization Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the virtualization of Arm TrustZone on KVM in this 28-minute conference talk from KVM Forum. Learn about the current limitations of KVM in supporting TrustZone virtualization and discover the proposed solution to extend KVM for exposing virtual TrustZone to virtual machines. Understand the techniques used to virtualize TrustZone's CPU features, including multiplexing virtual EL3 and secure EL1 on normal world EL1, and the trap-and-emulate approach for handling sensitive instructions. Gain insights into the implementation of virtual secure memory and secure IO mapping in QEMU. Discover the prototype's capability to boot a paravirtualized OP-TEE and learn about future plans for open-sourcing the implementation. Explore potential next steps, including TrustZone exposure to confidential VMs based on pKVM and Arm CCA, as well as QEMU extensions for virtualizing secure IO devices like TZPC.

Syllabus

Virtualizing Arm TrustZone on KVM by Chun Yen Lin & Shih-Wei Li


Taught by

KVM Forum

Related Courses

Confidential Computing in Cloud and Edge
RSA Conference via YouTube The Rise of Confidential Computing
RSA Conference via YouTube Enabling Rack-Scale Confidential Computing Using Heterogeneous Trusted Execution Environment
IEEE via YouTube Architectural Extensions for Hardware Virtual Machine Isolation to Advance Confidential Computing in Public Clouds
Linux Foundation via YouTube The Open Enclave SDK - Confidential Computing with Trusted Apps
Linux Foundation via YouTube