Explore the intricacies of Confidential VM live migration in KVM during this 20-minute conference talk from the Linux Plumbers Conference. Delve into the design details of AMD SEV-SNP's live migration solution, which utilizes a Secure VM Service Module (SVSM) running in guest context. Compare this approach with Intel's plan to achieve migration through a migration TD VM. Gain insights into the challenges and solutions for migrating running secure VMs on the same host or to another host. Examine the potential for creating a common API that can be used across all vendors to support live migration of confidential VMs. Understand the role of underlying Coco technology in enabling these solutions and how it impacts the overall security and performance of live migration processes.
Overview
Syllabus
Supporting Live Migration of Confidential VMs in KVM - Pankaj Gupta
Taught by
Linux Plumbers Conference
Related Courses
-
Remote Attestation in AMD SEV-SNP Confidential VMs
-
Providing Confidential Guest Services with a Secure VM Service Module on AMD
-
SNP Live Migration with Guest-memfd and Mirror VM - KVM Forum
-
COCONUT-SVSM on KVM: Progress, Plans, and Challenges
-
Live Migration Architecture for Intel TDX-based Confidential VMs
-
The COCONUT Secure VM Service Module for Confidential Virtual Machines
