Overview
Explore AMD's Secure Encrypted Virtualization (SEV) technology and its latest advancement, SEV-TIO, in this 30-minute KVM Forum conference talk. Delve into the world of confidential computing, where guest VMs are protected from hosting environments through data-in-use confidentiality and integrity measures. Learn how SEV-TIO extends the trust boundary to include PCI devices, enhancing security and improving I/O performance for AMD SEV-SNP guests. Discover the role of the new PCI TEE Device Interface Security Protocol (TDISP) specification in standardizing device interactions with confidential computing technologies. Gain insights into the benefits of SEV-TIO and understand how host software like KVM/QEMU manages secure device-guest bindings and lifecycles, including initialization, attestation, and resource assignment processes.
Syllabus
AMD SEV-TIO: Trusted I/O for Secure Encrypted Virtualization
Taught by
KVM Forum