KVM Forum 2024

Virtio and the chamber of secrets
2024-09-22, Hall C+D

Confidential computing - making VM guest secrets harder for
the hypervisor to access - is getting more and more important as
time goes by.

Virtio (and paravirtualization generally) can fundamentally be thought of as
a means of improving guests by making use of hypervisor functionality. To what
extent can this still be beneficial when the guest does not want to fully trust
the hypervisor?

This talk will try to address these questions, by touching on the following
areas:

  • review of new features / devices and how they interact with
    confidential computing
  • status and plans of hardening (improving confidentiality)
    with virtio on Linux
  • known open issues and how you can help

See also: Presentation in pdf format (2.8 MB)

Michael S. Tsirkin
Red Hat
Distinguished Engineer
Michael has been with Red Hat for more than 15 years. In his role as a Distinguished Engineer he acts as a chair of the Virtio Technical Committee, overseeing the development of the virtio specification for virtual devices. He also maintains several subsystems in QEMU and Linux and has over the years made multiple contributions to QEMU, Linux and KVM.