13–15 Nov 2023
America/New_York timezone

Session

Confidential Computing MC

14 Nov 2023, 14:30

Description

The Confidential Computing microconferences in past years brought together developers working on secure execution features in hypervisors, firmware, the Linux kernel, low-level user space and container runtimes. A broad range of topics was discussed, ranging from enablement of hardware features up to generic attestation workflows.

Presentation materials

  1. Dhaval Giani, Joerg Roedel (SUSE)
    14/11/2023, 14:30

    Short welcome and introduction into the microconference and the topics to be discussed.

  2. Joerg Roedel (SUSE)
    14/11/2023, 14:35

    Discuss the next development steps for the COCONUT-SVSM.

  3. Claudio Carvalho (IBM)
    14/11/2023, 14:45

    The Trusted Platform Module (TPM) is an industry standard that is widely used as a hardware root of trust for UEFI measured boot, the Integrity Measurement Architecture (IMA) and remote attestation. Although virtual TPMs play the same role for VMs, standard vTPMs cannot be safely used for Confidential VMs since their state would be accessible by the hypervisor, which is considered an untrusted...

  4. Samuel Ortiz
    14/11/2023, 15:00

    At the 2022 confidential computing LPC microconference, we talked about the elephant in the confidential computing room: guest attestation and verification. We showed how opaque, fragmented and closed this essential piece of the confidential computing puzzle is, adding one more hurdle to this technology's adoption.

    During the past year, the Confidential Containers project worked on putting...

  5. Tobin Feldman-Fitzthum (IBM)
    14/11/2023, 15:20

    When designing an attestation framework, implementing a client which runs inside a confidential guest might seem like the simplest part, but this session will introduce several subtle factors that can undermine security and usability if not addressed. We will discuss how these issues might apply to different confidential projects and how they can be resolved. We will include some provocative...

  6. Pankaj Gupta, Thomas Lendacky
    14/11/2023, 15:40

    Confidential VM live migration involves migrating a running secure VM on the same host or to another host. Vendors are designing solutions to achieve this based on the underlying CoCo technology. AMD SEV-SNP plans to achieve this with the cooperation of an SVSM (Secure VM Service Module), or a similar service, running in guest context. Intel plans to achieve this with a migration TD VM.
    The goal...

  7. Dan Williams (Intel Open Source Technology Center), Jeremy Powell, Samuel Ortiz, Steffen Eiden (IBM Germany), Thomas Lendacky
    14/11/2023, 16:30

    This is the umbrella topic for secure I/O discussions. The discussions will overflow into BoF sessions.

  8. Mingwei Zhang (Google), Jacky Li (Google), Sean Christopherson (Google)
    14/11/2023, 17:00

    It is well known that in AMD CPUs prior to Milan, cache lines within a confidential VM are incoherent with those outside of confidential VMs. SME_COHERENT is a feature introduced by AMD 3rd gen EPYC to improve cache coherency in their confidential computing environment. However, as testing demonstrates, SME_COHERENT does not support cache coherence between CPU and devices. This means that...

  9. Dan Williams (Intel Open Source Technology Center)
    14/11/2023, 17:15

    The [configfs-tsm proposal][1] arose from the observation that there are several platform vendors all building similar confidential-computing functionality features into their products. It makes the assertion that the kernel has a role to play and a vested interest in aligning stakeholders behind common ABI. Going forward attestation reports are just one example of shared interfaces that the...

  10. Atish Patra (Rivos), Ravi Sahita (Rivos)
    14/11/2023, 17:30

    This session aims to cover the ongoing development of the RISC-V architecture for Confidential VM Environment (CoVE) using ratified RISC-V privileged ISA extensions and proposed new ISA extensions (SmMTT). This session will describe the ongoing specifications for proposed ABI, ISA and SoC requirements that enable Confidential Computing on RISC-V-based platforms. The common/abstract aspects...

  11. Nikunj Dadhania
    14/11/2023, 17:40

    TSC value calculations for guests are controlled by the hypervisor. A malicious hypervisor can prevent guests from moving forward. The Secure TSC feature for SEV-SNP allows guests to securely use RDTSC and RDTSCP instructions. This ensures the guest gets a consistent view of time and can prevent a malicious hypervisor from making it appear that time rolls backwards, increments at a...

  12. Kishon Vijay Abraham I, Suravee Suthikulpanit
    14/11/2023, 17:50

    SEV-SNP is a security feature that protects the confidentiality and integrity of VM memory from 'malicious' hypervisors or other VMs. Secure AVIC is a new HW feature added to SEV-SNP to prevent a 'malicious' hypervisor from generating unexpected interrupts to a vCPU or otherwise violating architectural assumptions around APIC behavior.

    One of the significant differences from AVIC or emulated...
