September 14-15, 2017 - Los Angeles, CA
Click Here For Information & Registration
Friday, September 15 • 11:25am - 12:10pm
Protecting VM Register State with AMD SEV-ES - David Kaplan, AMD

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
At LSS 2016, the AMD Secure Encrypted Virtualization (SEV) feature was discussed, which enabled encryption of a VM memory space to protect it from the hypervisor. In this talk, David Kaplan will present the new SEV with Encrypted State (SEV-ES) feature which can further protect VMs by protecting the VM guest register state during world switches. The SEV-ES feature protects against register state leakage and control flow manipulation by the hypervisor by encrypting guest register state and creating a new x86 exception for handling virtualization intercepts.

In addition to presenting the hardware functionality of SEV-ES, this talk will discuss the status of Linux/KVM enablement of both the SEV and SEV-ES features and provide code pointers for anyone interested in playing with these technologies.

avatar for David Kaplan

David Kaplan

Security Architect, AMD
David Kaplan is a Fellow at AMD who focuses on developing new security technologies across the AMD product line as part of the Security Architecture Research and Development center. He is the lead architect for the AMD memory encryption features and has worked on both CPU and SOC... Read More →

Friday September 15, 2017 11:25am - 12:10pm
Gold 4

Attendees (23)