Overview
Explore a 25-minute conference talk from KVM Forum on securing interrupt delivery for SEV-SNP guests. Delve into the challenges of protecting virtual machine operating systems against malicious hypervisor attacks that exploit interrupt behavior assumptions. Learn about AMD's SEV-SNP features designed to prevent injection attacks, including the Alternate Injection approach utilizing Secure VM Service Module (SVSM) and APIC emulation. Gain insights from Melody Wang, an AMD Linux kernel team member specializing in secure virtualization, as she discusses implementing this security measure for SEV-SNP virtual machines.
Syllabus
Securing Interrupt Delivery for SEV-SNP Guests by Melody (Huibo) Wang
Taught by
KVM Forum