Confidential computing for OpenPOWER

This paper presents Protected Execution Facility (PEF), a virtual machine-based Trusted Execution Environment (TEE) for confidential computing on Power ISA. PEF enables protected secure virtual machines (SVMs). Like other TEEs, PEF verifies the SVM prior to execution. PEF utilizes a Trusted Platform...

Full description

Saved in:
Bibliographic Details
Published inProceedings of the Sixteenth European Conference on Computer Systems pp. 294 - 310
Main Authors Hunt, Guerney D. H., Pai, Ramachandra, Le, Michael V., Jamjoom, Hani, Bhattiprolu, Sukadev, Boivie, Rick, Dufour, Laurent, Frey, Brad, Kapur, Mohit, Goldman, Kenneth A., Grimm, Ryan, Janakirman, Janani, Ludden, John M., Mackerras, Paul, May, Cathy, Palmer, Elaine R., Rao, Bharata Bhasker, Roy, Lawrence, Starke, William A., Stuecheli, Jeff, Valdez, Enriquillo, Voigt, Wendel
Format Conference Proceeding
LanguageEnglish
Published New York, NY, USA ACM 21.04.2021
SeriesACM Conferences
Subjects
Security and privacy > Systems security > Operating systems security > Trusted computing
Software and its engineering > Software organization and properties > Contextual software domains > Software infrastructure > Virtual machines
POWER9
secure computing
KVM
ultravisor
Linux
confidential computing
TEE
firmware
enclave
trusted execution environment
Online AccessGet more information

Cover

More Information
Summary:This paper presents Protected Execution Facility (PEF), a virtual machine-based Trusted Execution Environment (TEE) for confidential computing on Power ISA. PEF enables protected secure virtual machines (SVMs). Like other TEEs, PEF verifies the SVM prior to execution. PEF utilizes a Trusted Platform Module (TPM), secure boot, and trusted boot as well as newly introduced architectural changes for Power ISA systems. Exploiting these architectural changes requires new firmware, the Protected Execution Ultravisor. PEF is supported in the latest version of the POWER9 chip. PEF demonstrates that access control for isolation and cryptography for confidentiality is an effective approach to confidential computing. We particularly focus on how our design (i) balances between access control and cryptography, (ii) maximizes the use of existing security components, and (iii) simplifies the management of the SVM life cycle. Finally, we evaluate the performance of SVMs in comparison to normal virtual machines on OpenPOWER systems.
ISBN:1450383343
9781450383349
DOI:10.1145/3447786.3456243