KVM Forum 2024

Securing Interrupt Delivery for SEV-SNP Guests
2024-09-23, Hall C+D

While almost all VM operating systems support interrupt and exception handling, some operating systems have built-in assumptions about interrupt behavior that derive from bare-metal hardware. A malicious hypervisor can violate these assumptions and drive guest drivers or the guest OS kernel into an unexpected state, which can become a security issue.
To address this concern, SEV-SNP provides features that protect the guest against malicious injection attacks. The preferred method is Restricted Injection, but it was rejected upstream. This talk introduces another approach, the Alternate Injection feature of SEV-SNP, which uses the Secure VM Service Module (SVSM) together with APIC emulation inside the SVSM to secure interrupt delivery into an SEV-SNP guest.

See also: slides (305.4 KB)

Melody works for AMD in the Linux kernel team on secure virtualization. She is currently implementing alternate injection for SEV-SNP virtual machines. Previously, Melody worked on the security of trusted execution environments, including the AMD SEV series and Intel SGX. She specialized in computer system security and privacy, including cloud computing, blockchain, and data privacy.