Explore the innovative approach to emulating Microsoft's Virtual Secure Mode (VSM) using QEMU and KVM in this 29-minute conference talk from KVM Forum. Dive into the core concepts of VSM, a virtualization-based security technology that leverages hypervisor capabilities to protect guest data against compromises. Learn about the challenges faced in emulating VSM in KVM and discover the novel design based on sharing multiple KVM VMs within a single QEMU VM, known as "Companion VMs." Understand how this approach models VSM's privileged execution contexts as distinct KVM VMs and explore its potential applications in confidential computing and enhancing device emulation security. Get an update on the efforts to upstream this work in both KVM and QEMU, and gain insights from Nicolas Saenz Julienne, a senior kernel and hypervisor engineer at AWS with expertise in hardware/software interfaces and open-source collaboration.
Emulating Hyper-V's Virtual Secure Mode with QEMU and KVM
Overview
Syllabus
Emulating Hyper-V's Virtual Secure Mode (VSM) with QEMU and KVM by Nicolas Saenz Julienne
Taught by
KVM Forum
Related Courses
-
Hyper-V's Virtual Secure Mode in KVM - Project Update
-
Analyzing Nested CVM Performance on KVM/QEMU and Linux Root Partition for Hyper-V - Comparative Study
-
Virtualizing Arm TrustZone on KVM
-
Enabling Windows Credential Guard in KVM
-
The COCONUT Secure VM Service Module for Confidential Virtual Machines
-
Hot-Resizing of Windows VMs via Hyper-V Dynamic Memory Protocol
