Jörg Rödel

Building Blocks of Confidential Computing

The software ecosystem for Confidential Computing is quickly evolving. With the availability of hardware and adoption of hyperscalers the technology also becomes more accessible to end users. In this talk I will look at the building blocks of virtualization-based Confidential Computing environments, starting at the hardware level, explaining the hypervisor and operating system support, up to integrity measured boot and user-space. I will also cover what is currently supported in Linux and the ongoing work.

back to overview

Watch Recording
 

Biography

Jörg Rödel is a Senior Linux Kernel Engineer and Confidential Computing architect at SUSE. Over the years he has made major contributions to the Linux kernel, starting with the AMD IOMMU driver, developing and maintaining the IOMMU subsystem in the Linux kernel, heavy improvements of nested virtualization support in KVM, over support for PTI in 32-bit x86 kernels to the implementation and upstreaming of AMD SEV-ES guest support. He regularily presents his work at local and international conferences and leads the Confidential Computing part of the Linux Plumbers Conference.