KVM Forum 2021 has ended
Virtual Event | September 15-16, 2021
View More Details

The Sched app allows you to build your schedule but is not a substitute for your event registration. In addition, you must be registered for KVM Forum to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Coordinated Universal Time (UTC)Please select from the drop-down menu to the right to see the schedule in your preferred timezone above "Filter by Date."
Back To Schedule
Thursday, September 16 • 14:35 - 15:00
Secure Live Migration of Encrypted VMs - Tobin Feldman-Fitzthum & Dov Murik, IBM

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Most Confidential Computing platforms, such as AMD SEV, encrypt guest memory and CPU state, not allowing the hypervisor to access either. This complicates live VM migration. In a non-secure setting, the hypervisor copies memory from the source node to the destination node and coordinates the CPU state of the source VM and destination VM. In a secure setting, without  access to guest memory or CPU state, the hypervisor needs help from a trusted agent inside the guest to facilitate live migration. We are implementing live migration support in firmware. In this session, we will describe in detail the current and future challenges for migrating encrypted VMs. We will walk through our modified firmware and demonstrate how it can be used with QEMU and SEV VMs.


Tobin Feldman-FItzthum

Software Engineer, T.J. Watson IBM Research Center
Tobin Feldman-Fitzthum is a Software Engineer at the T.J. Watson IBM Research Center. He works on secure virtualization and confidential computing. Tobin was a founding maintainer of the Confidential Containers CNCF Sandbox Project. He has also worked on encrypted disks and fast live... Read More →
avatar for Dov Murik

Dov Murik

Research Staff Member, IBM
Dov Murik is a Research Staff Member in IBM Research, working on various aspects of information and system security, and recently focusing on confidential computing. Previously he worked on malware detection, phishing prevention, and AI security. Before that he was part of IBM Trusteer... Read More →

Thursday September 16, 2021 14:35 - 15:00 UTC
  KVM Track 1
  • Presentation Slides Attached Yes