Overview
Explore the unique challenges of deploying confidential computing (CoCo) payloads on arm64 mobile platforms in this 29-minute conference talk from KVM Forum. Discover how mobile hardware constraints, including non-translating Stage-2 IOMMUs, reduced addressing capabilities, TrustZone implementation limitations, and sensitivity to Stage-2 page-table fragmentation, impact confidential computing deployment. Learn about the demanding power and performance requirements that emerge with new CoCo use-cases in mobile environments. Examine a detailed proposal for addressing these challenges through physical memory allocation constraints on memory backing CoCo guests and hypervisor data structures. Understand how extending existing infrastructure such as guest_memfd and dmabuf could provide solutions to mitigate these hardware-specific issues. Gain insights into the technical nuances of mobile hardware that affect both CPU and DMA operations, and participate in discussions about optimal approaches for expressing allocation constraints in confidential computing environments.
Syllabus
Physical memory allocation constraints for Confidential Computing guests by Quentin Perret
Taught by
KVM Forum