💾 Archived View for gemini.bortzmeyer.org › fosdem › event-10873.gmi captured on 2022-04-29 at 01:14:46. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-17)
-=-=-=-=-=-=-
Martin Radev
Type devroom
Starts on day 1 (2021-02-06) at 13:55 (Brussels time, UTC+1) in room Hardware trusted (duration 00:25)
Matrix room #hardware trusted:fosdem.org
Supported since Linux 5.10, the AMD SEV Encrypted State (SEV-ES) feature can be used to protect the confidentiality of a virtual machine (VM) by means of encryption and attestation.
Although the memory and registers of the VM are encrypted, the VM still communicates with the hypervisor for the emulation of special instructions and devices.
Because these operations have not been previously considered part of the attack surface, we discovered that a malicious hypervisor can provide semantically incorrect information in order to bypass SEV-ES.
In this talk, I provide technical details on the handling of special operations with SEV-ES, practically show how the original implementation could be exploited, and finally I show how the interfaces were hardened to fix the issues.