2025-09-05, Room 2
The RISC-V pKVM (Protected KVM) draws its name and core design ideas from the Arm pKVM, enabling confidential virtual machines by leveraging "existing" RISC-V hypervisor extensions.
The talk first describes how the initialization process deprivileges Linux into a virtual machine, ensuring that pKVM executes exclusively in hypervisor mode. With the untrusted part of the system securely isolated, the discussion shifts to the binary interfaces that cross architectural boundaries to enable confidential virtual machines: userspace ABI, guest SBI, and hypervisor SBI.
The hypervisor SBI is reframed as an internal kernel API, giving it flexibility without the burden of compatibility. Another important reason to develop pKVM was the potential for code reuse with both the RISC-V KVM and other Protected KVM solutions -- the talk explores the extent to which the potential has been fulfilled, and why pKVM is not written in Rust (yet?).
And for those who enjoy waiting for RISC-V, the talk will tease a different KVM-based solution utilizing upcoming ISA extensions.