Explore a 25-minute conference talk from KVM Forum on securing interrupt delivery for SEV-SNP guests. Delve into the challenges of protecting virtual machine operating systems against malicious hypervisor attacks that exploit interrupt behavior assumptions. Learn about AMD's SEV-SNP features designed to prevent injection attacks, including the Alternate Injection approach utilizing Secure VM Service Module (SVSM) and APIC emulation. Gain insights from Melody Wang, an AMD Linux kernel team member specializing in secure virtualization, as she discusses implementing this security measure for SEV-SNP virtual machines.
Overview
Syllabus
Securing Interrupt Delivery for SEV-SNP Guests by Melody (Huibo) Wang
Taught by
KVM Forum
Related Courses
-
Interrupt Security for AMD SEV-SNP
-
Accounting and Page Migration Challenges in Secure Guests Using FD-Based Private Memory
-
Remote Attestation in AMD SEV-SNP Confidential VMs
-
The COCONUT Secure VM Service Module for Confidential Virtual Machines
-
SEV-SNP Development Status Update - Current Progress and Future Plans
-
Zero-Trust vTPM for AMD SEV-SNP Confidential Virtual Machines
