YoVDO

Virtualizing Arm TrustZone on KVM

Offered By: KVM Forum via YouTube

Tags

KVM Courses Virtualization Courses Virtual Machines Courses QEMU Courses Trusted Execution Environment Courses ARM TrustZone Courses Confidential Computing Courses OP-TEE Courses Paravirtualization Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the virtualization of Arm TrustZone on KVM in this 28-minute conference talk from KVM Forum. Learn about the current limitations of KVM in supporting TrustZone virtualization and discover the proposed solution to extend KVM for exposing virtual TrustZone to virtual machines. Understand the techniques used to virtualize TrustZone's CPU features, including multiplexing virtual EL3 and secure EL1 on normal world EL1, and the trap-and-emulate approach for handling sensitive instructions. Gain insights into the implementation of virtual secure memory and secure IO mapping in QEMU. Discover the prototype's capability to boot a paravirtualized OP-TEE and learn about future plans for open-sourcing the implementation. Explore potential next steps, including TrustZone exposure to confidential VMs based on pKVM and Arm CCA, as well as QEMU extensions for virtualizing secure IO devices like TZPC.

Syllabus

Virtualizing Arm TrustZone on KVM by Chun Yen Lin & Shih-Wei Li


Taught by

KVM Forum

Related Courses

UEFI Secure Boot in U-Boot
Linux Foundation via YouTube Fuzzing Embedded - Trusted Operating Systems Using AFL
nullcon via YouTube Shadow-Box v2 - The Practical and Omnipotent Sandbox for ARM
Black Hat via YouTube Maintaining a Community BSP Layer: Updating Meta-Tegra Through Major Changes
Linux Foundation via YouTube How ARM Systems are Booted - An Introduction to the ARM Boot Flow
Linux Foundation via YouTube