Linux Plumbers Conference 2022

Session

Confidential Computing MC

13 Sept 2022, 10:00

"Herbert" (Clayton Hotel on Burlington Road)

93. Upstream & Guest Distro support for Confidential Compute

Jianxiong Gao

13/09/2022, 10:00

Confidential compute is developing fast. However, at Google we are facing challenges regarding the maintenance and support of guest distros. In particular, we’re finding it difficult to maintain an efficient way of communicating with different distros and hard to test, validate, and merge fixes into guest distros.

Backporting fixes
Customers do not always run the guest with the latest...

142. Unmapped Private Memory for Confidential Guests

Michael Roth (AMD)

13/09/2022, 10:20

Unmapped Private Memory (UPM) has been proposed as a new way to manage private guest memory for KVM guests. This session is intended to address any outstanding items related to the development/planning of Unmapped Private Memory support (UPM) for confidential guests. Some potential topics are listed below (though the actual agenda will be centered around topics that are still outstanding at...

117. Securely booting confidential VMs with encrypting disk

Dov Murik (IBM), Tobin Feldman-Fitzthum (IBM)

13/09/2022, 10:40

Confidential Computing technologies offer guest memory encryption, but there’s no standard way to securely start a confidential VM with encrypted disk. Such VMs must unlock the disk inside the guest, so the passphrase is not accessible to the host. However, in TDX and SEV-SNP guest attestation and secure secret injection depend on guest kernel features, so grub cannot be used for unlocking....

137. Using DICE Attestation for SEV and SNP Hardware Rooted Attestation

Peter Gonda (Google)

13/09/2022, 11:00

Device Identifier Composition Engine (DICE) is a measured boot solution for systems without a TPM or similar hardware based capabilities. DICE is a layered approach meaning that each layer or software component of a boot takes inputs from the previous layer, its measurement and certificate, and then generates the same for the next phase of the boot. The output of this layering provides a...

228. Hardening Linux guest kernel for CC

Elena Reshetova (Intel)

13/09/2022, 11:20

A lot of effort in past couple of years has been spent in enabling various CC HW technologies (AMD SEV, Intel TDX) to be able to support Linux guests. However in order to be able to provide an adequate level of security for CC Linux guests (regardless of the underlying chosen HW technology), we need to collaborate together to harden the core Linux kernel codebase, as well as drivers that are...

252. The elephants in the confidential room: Attestation and verification

Mr Samuel Ortiz (Rivos)

13/09/2022, 12:10

While a lot of efforts are being put towards platform enabling for confidential computing, there's one fundamental part of the technology that we ignore more often than not: Attestation.

Without having a way to verify that the data we're trying to protect with confidential computing platforms is generated by a TCB that we know and validate, the whole confidential computing trust model falls...

235. Identifying and Eliminating Contention from Booting Concurrent SNP VMs

Jacky Li (Google), Marc Orr (Google)

13/09/2022, 12:30

We will present an evaluation of concurrent boot time of CVMs running under AMD’s SEV-SNP technology. Specifically we will discuss how booting SNP VMs concurrently can significantly slow down each other due to software bottlenecks in managing the RMP page state.

Then, we will discuss different mitigations that we’ve identified ranging from reducing lock contention to rate limiting Page...

113. Testing Intel TDX functionality with new set of self tests

Sagi Shahar (Google)

13/09/2022, 12:50

The new TDX architecture makes changes to the hardware and the host and guest software stacks.
All of these components are being developed simultaneously and are constantly changing. As the host kernel changes, we need a system to test its functionality which is independent from the guest enlightenment changes and doesn’t rely on a fully functional system which doesn’t exist yet.

We...

158. Interrupt Security for AMD SEV-SNP

Ashish Kalra

13/09/2022, 13:10

Discussion about SEV-SNP support for Restricted Interrupt Injection and Alternate Interrupt Injection. These features enforce additional interrupt and event injection security protections designed to help protect against malicious injection attacks. Safe isolation between an SNP-protected guest and its host environment requires restrictions on the type of exception and interrupt dispatch that...