Morphisms: Confidential Serverless Containers

Memory encryption

When the hypervisor starts a VM, it assigns the VM an ASID (Address Space ID) and passes that ID to the AMD-SP in the VMRUN instruction. All code and data associated with a confidential VM are tagged with the ASID inside the CPU, so the CPU can restrict access to the actual owner by matching ASIDs. The AMD-SP generates an encryption key for each new VM using a hardware random number generator, associates it with the ASID, and loads it into a dedicated hardware register. No software is allowed to read these registers. When data leaves the SoC, it must pass through the encryption engine, which encrypts it with the key associated with the VM. In SEV, the encrypted memory of a particular cVM is called its private memory.

AMD SEV uses AES-128 with a custom tweak function for memory encryption. AES-XTS, used by Intel SGX, also uses a tweak. The tweak protects against side-channel attacks and against moving a ciphertext block into a different memory space.

The hypervisor is also assigned an ASID and has its own encryption key. This key is used for shared memory, and all confidential VMs and the hypervisor can use it, which allows memory to be shared with the hypervisor or with other trusted VMs. By setting a special bit, the guest kernel (cVM kernel) can mark memory as either shared or private. DMA to a cVM's private memory is completely disallowed; DMA is only allowed for shared memory.
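The following model is an added example, not code from this page or from AMD. It shows per-ASID keys, the shared key, and the effect of an address-dependent tweak on relocated ciphertext. Assumptions: a toy 4-round Feistel cipher stands in for AES-128, a SHA-256 hash of the address stands in for AMD's custom tweak function, and `HOST_ASID = 0`, `MemoryController` and its method names are hypothetical.

```python
import hashlib, hmac, os

HOST_ASID = 0  # assumption: the model's ASID for the hypervisor

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, i, half):  # Feistel round function
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]

def cipher(key, block, decrypt=False):
    """Toy 128-bit block cipher (4-round Feistel) standing in for AES-128."""
    l, r = block[:8], block[8:]
    for i in (reversed(range(4)) if decrypt else range(4)):
        if decrypt:
            l, r = _xor(r, _f(key, i, l)), l
        else:
            l, r = r, _xor(l, _f(key, i, r))
    return l + r

def tweak(addr):
    """Address-dependent tweak; a stand-in for AMD's custom tweak function."""
    return hashlib.sha256(addr.to_bytes(8, "little")).digest()[:16]

class MemoryController:
    """Models the encryption engine between the SoC and DRAM."""
    def __init__(self):
        self.keys = {HOST_ASID: os.urandom(16)}  # per-ASID key registers
        self.dram = {}                            # ciphertext outside the SoC

    def launch_vm(self, asid):
        self.keys[asid] = os.urandom(16)          # fresh random key per VM

    def _key(self, asid, private):
        # Private pages use the VM's key, shared pages the hypervisor's key.
        return self.keys[asid if private else HOST_ASID]

    def write(self, asid, addr, block, private=True):
        t = tweak(addr)
        self.dram[addr] = _xor(cipher(self._key(asid, private), _xor(block, t)), t)

    def read(self, asid, addr, private=True):
        t = tweak(addr)
        return _xor(cipher(self._key(asid, private), _xor(self.dram[addr], t), True), t)

if __name__ == "__main__":
    mc = MemoryController(); mc.launch_vm(1)
    mc.write(1, 0x1000, b"sixteen byte msg")       # constructed sample block
    mc.dram[0x2000] = mc.dram[0x1000]              # ciphertext moved in DRAM
    print(mc.read(1, 0x1000), mc.read(1, 0x2000))  # original vs. garbage
```

Reading with the wrong ASID or from a relocated block yields unrelated bytes, while a page written with `private=False` decrypts correctly for both the guest and the hypervisor.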


Last updated 1 year ago