Authors: Roman Volosatovs, Jarkko Sakkinen
2022-09-16

We go through the current state of Intel SGX support in the Linux kernel and userland. The topics covered include the kernel interface and its features, and the available confidential computing run-times supporting SGX. Since getting into the mainline kernel in late 2020, the SGX software ecosystem has started to become mature enough for production, and is the only cloud-scale confidential computing technology fully in the mainline kernel so far.

Authors: Jun Nakajima
2022-09-16

tldr - powered by Generative AI

The presentation discusses the inclusion of IO devices into Trusted Execution Environments (TEE) and the software changes required to support it.
  • Current IO virtualization technologies for TEEs have limitations and incur significant performance overhead
  • Direct access to hardware IO devices in VMs requires hardware support such as MMIO and DMA remapping capability
  • Devices and VMs need to be trusted for protection and isolation
  • Intel TDX architecture supports direct assignment and establishment of trust between TDI and TDS
  • Software changes are required for Intel TDX in support of TEIO
  • High-level software flows and new functionality enable Intel TDX support in TEEs