Hardening Linux for Confidential Cloud Computing - Deep Dive and Results

Explore the intricacies of hardening Linux guest systems for confidential cloud computing in this 50-minute technical deep dive presented by Elena Reshetova from Intel. Delve into the evolving security landscape where cloud tenants no longer need to trust the software stack provided by Cloud Service Providers. Examine the efforts to enhance the mainline Linux kernel for use as a secure VM guest kernel, focusing on the treatment of individual kernel subsystems and communication mechanisms. Learn about implemented hardening security mechanisms and gain insights from fuzzing and manual code audit activities. Discover open-source tools and documentation for the project, and engage with discussion points on memory management, transit execution attacks, and other critical aspects of Linux guest hardening for confidential cloud environments.