September 15 - 16, 2022 | Dublin, Ireland + Virtual
Note: The schedule is subject to change.

Please note all session times are listed in Irish Standard Time (IST), UTC +1.

Friday, September 16 • 14:20 - 15:05
Introducing IO Devices into Trusted Execution Environments - Jun Nakajima, Intel Corporation

Confidential computing protects data in use by performing computation in a hardware-based Trusted Execution Environment (TEE) such as Intel SGX or Intel’s upcoming Trust Domain Extensions (Intel TDX). Today, PCIe-attached devices are outside the TEE’s trust boundary and not allowed to read/write confidential memory. This limitation requires TEE VMs to stage the data sent to or received from devices in a shared memory buffer accessible to the TEE, IO device and VMM. Further, to protect the confidentiality and integrity of data in the buffer, the data must be encrypted by the sender (either the IO device or TEE VM), transferred to the shared buffer, then decrypted by the receiving entity using software-based encryption/decryption. This process results in additional latency and overhead that negatively impact application performance. This presentation will focus on the security and software changes required to support IO in trusted execution environments. The software requirements for TEE VMs to securely use a device in the Trusted Computing Base with DMA operations against confidential memory using encryption/decryption will be discussed.

Jun Nakajima

Sr. Principal Engineer, Intel Corporation
Jun Nakajima is a Senior Principal Engineer at the Intel Open Source Technology Center, leading virtualization and security for open source projects. Jun has presented a number of times at technical conferences, including LSS, KVM Forum, Xen Summit, LinuxCon, OpenStack Summit, and USENIX...

Friday September 16, 2022 14:20 - 15:05 IST
Liffey A (Level 1)
  Refereed Presentations
  • Speaker Details: Virtual
  • Presentation Slides Attached: Yes