Hi,
the organizers of the Linux Plumbers Conference 2022 have recently
opened the CfP for microconferences and I thought it would be great to
have another Confidential Computing microconference to bring everyone
together and discuss open problems.
I drafted a proposal for review, feel free to make improvements and/or
add more topics. Please also forward this email to other people who
might be interested, but which I missed here.
If anyone is interested in co-organizing this microconference, please
contact me. I am open to any helping hand :)
I plan to submit the proposal to the LPC website end of next week to get
things going.
Thanks,
Joerg
Here is the current proposal text:
Confidential Computing Microconference
======================================
Last years inaugural Confidential Computing microconference brought
together plumbers enabling secure execution features in hypervisors,
firmware, Linux Kernel, over low-level user space up to container
runtimes.
Good progress was made on a couple of topics, most outstanding here is
the development of Linux guest support for Intel TDX[1] and AMD
SEV-SNP[2]. The patch-sets for both are under intensive review and come
close to be merged upstream.
The discussions in the microconference also helped to move other topics
forward, such as support for un-accepted memory[3] or deferred memory
pinning[4] for confidential guests.
But enabling Confidential Computing in the Linux ecosystem is an ongoing
process, and there are still many problems to solve. The most important
ones are:
* Design and implementation of Intel TDX and AMD SEV-SNP host
support
* Linux kernel memory management changes for secure execution
environments
* Support of upcoming secure execution hardware extensions
from ARM and RISC-V
* Pre-launch and runtime attestation workflows
* Interrupt security for AMD SEV-SNP
* Debuggability and live migration of encrypted virtual machines
* Proper testing of confidential computing support code
The Confidential Computing Microconference wants to bring together
plumbers working on secure execution features to discuss these and other
open problems.
[1] https://lore.kernel.org/all/[email protected]/
[2] https://lore.kernel.org/all/[email protected]/
[3] https://lore.kernel.org/all/[email protected]/
[4] https://lore.kernel.org/all/[email protected]/
Key Attendees:
* Andi Kleen <[email protected]>
* Andy Lutomirski <[email protected]>
* Borislav Petkov <[email protected]>
* Brijesh Singh <[email protected]>
* Dr. David Alan Gilbert <[email protected]>
* Dave Hansen <[email protected]>
* David Hildenbrand <[email protected]>
* David Kaplan <[email protected]>
* David Rientjes <[email protected]>
* Joerg Roedel <[email protected]>
* Jun Nakajima <[email protected]>
* Kirill A. Shutemov <[email protected]>
* Marc Orr <[email protected]>
* Mike Rapoport <[email protected]>
* Paolo Bonzini <[email protected]>
* Peter Gonda <[email protected]>
* Sathya Kuppuswamy <[email protected]>
* Sean Christopherson <[email protected]>
* Tom Lendacky <[email protected]>