September 14-15, 2017 - Los Angeles, CA
Friday, September 15 • 11:25am - 12:10pm
Protecting VM Register State with AMD SEV-ES - David Kaplan, AMD

The AMD Secure Encrypted Virtualization (SEV) feature, discussed at LSS 2016, enables encryption of a VM's memory space to protect it from the hypervisor. In this talk, David Kaplan will present the new SEV with Encrypted State (SEV-ES) feature, which further protects VMs by protecting the guest register state during world switches. SEV-ES protects against register state leakage and control flow manipulation by the hypervisor by encrypting guest register state and creating a new x86 exception for handling virtualization intercepts.

In addition to presenting the hardware functionality of SEV-ES, this talk will discuss the status of Linux/KVM enablement of both the SEV and SEV-ES features and provide code pointers for anyone interested in playing with these technologies.

David Kaplan

Security Architect, Advanced Micro Devices
David Kaplan is a Fellow at AMD who focuses on developing new security technologies across the AMD product line as part of the Product Security Organization. He is the lead architect for the AMD encrypted virtualization features and has worked on both CPU and SOC level security features...

Friday September 15, 2017 11:25am - 12:10pm PDT
Gold 4