Confidential computing is a family of techniques to enhance security and confidentiality for data in use. One technical approach is strong isolation for virtual machines.
AMDs Secure Encrypted Virtualization (SEV) offers several feature sets for isolation of guest virtual machines from an non-trusted host hypervisor and operating system. These feature sets include memory encryption, encryption of guest state including CPU registers and an attestation framework.
With OpenBSD 7.6 released in October 2024 we are now able to use the memory encryption features of AMD SEV to run OpenBSD as both
a confidential guest VM and
as a hypervisor providing a confidential execution environment.
Now, thanks to memory encryption the hypervisor is not able to peek into a guests memory and is not able to retrieve sensitive information. However, the state of the CPU registers used by the guest is still visible to the hypervisor.
Therefore, we implemented support of AMDs "Secure Encrypted Virtualization with State Encryption" (SEV-ES) for OpenBSD guests and hypervisor. With SEV-ES all CPU guest state is encrypted and hidden from the hypervisor.
In this talk we will explain the fundamentals of SEV and SEV-ES. Then we explore the challenges imposed by SEV-ES for both guest and hypervisor. Finally we will take a closer look into selected implementation details.
Hans-Jörg Höxer is employed at genua, a German firewall manufacturer, who is using OpenBSD as a secure and stable base for its products.