Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Coconut-SVSM - Early Attestation to Unlock Persistent State - KVM Forum

KVM Forum via YouTube

Overview

Explore the ongoing work towards stateful services in the Coconut-SVSM platform for providing secure services to Confidential Virtual Machine guests on AMD SEV-SNP. Delve into the challenges and solutions for preserving state across reboots, enabling fully functional vTPM and persistent secure UEFI variable store for Secure Boot. Learn about the implementation of encrypted persistent storage backed by the host hypervisor, the remote attestation process for key retrieval, and the use of a host-side proxy for server communication. Examine current challenges, potential attacks, and future developments in supporting persistent state in SVSM. Gain insights from Stefano Garzarella, Principal Software Engineer at Red Hat and maintainer of Linux's vsock subsystem, and Oliver Steffen, Software Engineer specializing in confidential virtualization and virtual firmware.

Syllabus

Coconut-SVSM: Early attestation to unlock persistent state by Stefano Garzarella & Oliver Steffen

Taught by

KVM Forum

Reviews

Start your review of Coconut-SVSM - Early Attestation to Unlock Persistent State - KVM Forum

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.