Isolating PCI/CXL Devices: It All Starts with System Launch

It has been well established that the integrity of critical systems must be rooted in the launch. Early works such as the Xoar architecture demonstrated the need for virtualized environments to begin with a lightweight, restricted bootstrap from which isolation of PCI management could be established. Since that time, knowledge of real IOMMU implementations and how to leverage them for system integrity has evolved. In this presentation, the new Hyperlaunch capability for starting hypervisors will be presented with a short discussion of the Xen implementation. The talk will progress to a discussion of how Hyperlaunch is connected with TrenchBoot (Linux Secure Launch) and Mandatory Access Control communication fabrics. With a focus on how it enables dedicated PCI management constructs that can provide secure and trustworthy isolation for PCI devices, with the potential for CXL devices. The talk will close with an open discussion on how hypervisors might unify around a common approach for IOMMU management.


