October 31 - November 1 | Lyon, France
View More Details  & Register Here
Back To Schedule
Friday, November 1 • 14:20 - 15:05
Upcoming x86 Technologies for Malicious Hypervisor Protection - David Kaplan, AMD

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This talk will introduce AMD SEV-SNP (Secure Nested Paging), the next generation of AMD’s x86 virtualization isolation technology. Building upon the existing AMD SEV and AMD SEV-ES features released in 2017, SEV-SNP provides additional hardware security that is designed to protect VMs from malicious hypervisors. SEV-SNP adds new memory integrity protection, new use models, and more flexibility in attestation and VM management when working with protected VMs in hostile environments.

This talk will delve into the specific security that is provided by the SEV-SNP architecture, the stronger threat model that it supports, and the new hardware structures and x86 instructions being added to implement these protections. Finally, this talk will discuss the impacts of these changes to the open source ecosystem and identify areas where Linux may desire to take advantage of these new protections.

avatar for David Kaplan

David Kaplan

Fellow, AMD
David Kaplan is a Fellow at AMD who focuses on developing new security technologies across the AMD product line as part of the Product Security Organization. He is the lead architect for the AMD encrypted virutalization features and has worked on both CPU and SOC level security features... Read More →

Friday November 1, 2019 14:20 - 15:05 CET
Forum 1
  Refereed Presentations