Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

The COCONUT Secure VM Service Module for Confidential Virtual Machines

KVM Forum via YouTube

Overview

Explore the COCONUT Secure VM Service Module (SVSM) in this 30-minute KVM Forum conference talk. Delve into the world of confidential virtual machines (CVMs) and learn how the threat model shifts the hypervisor out of the trusted computing base (TCB). Discover the ongoing efforts to harden Linux against misbehaving device emulations and understand why certain security-sensitive devices require emulation within the TCB. Examine how the COCONUT SVSM leverages VM privilege levels on AMD SEV-SNP hardware to provide secure services and device emulations for CVMs. Gain insights into the project's origins, its relationship with other SVSM implementations, and its integration into the KVM virtualization stack. Explore the underlying design principles and engage in discussions about future plans, including ideas for emulating security-sensitive devices and data storage solutions.

Syllabus

The COCONUT Secure VM Service Module

Taught by

KVM Forum

Reviews

Start your review of The COCONUT Secure VM Service Module for Confidential Virtual Machines

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.