
Linux Foundation

Supporting TEE on x86 Client Platforms with pKVM

Linux Foundation via YouTube

Overview

Explore the implementation of Protected Kernel-based Virtual Machine (pKVM) on x86 client platforms in this informative conference talk. Delve into the design principles of pKVM for x86, which aims to create multiple isolated Trusted Execution Environment (TEE) Virtual Machines with strong isolation from the host OS and user VMs. Learn about the key requirements, including minimal performance impact, small Trusted Computing Base (TCB) size, and reduced complexity in the host OS. Discover how TEE VMs can run alongside normal user VMs with minor changes to the host OS. Examine the architecture overview, performance evaluation, and future development plans for pKVM on x86. Gain insights into topics such as de-privileging the kernel, transparent platform resource management, memory protection, interrupt handling, MMIO handling, and DMA protection.

Syllabus

Intro
Use Scenario of TEE on Client Platform
Protected KVM (pKVM)
pKVM Flow Overview
De-privilege Kernel (ARM vs. x86)
Transparent Platform Resource
Memory Protection
Interrupt Handling
MMIO Handling
DMA Protection
Key Arch Comparison
pKVM-x86 Arch Overview
Performance Evaluation - Primary VM
Status Update & Next Step

Taught by

Linux Foundation
