Jake Correnti
Software Engineer at Red Hat working on Confidential Computing and Virtualization technologies
Software Engineer
Company or affiliation – Red Hat
Session
This talk will follow up on and expand my DevConf.us 2024 session (https://youtu.be/qNOunNJ9ou8?si=wLkOfL8uUMRp8nYA), this time focusing on the several different components involved in creating a Trusted Execution Environment (TEE), what their development roadmaps and current status are, and how they combine to bring Confidential Computing to Containers, Virtual Machines and Edge environments.
Some of the technologies that we will go through are (in rough architectural order):
- AMD SEV-SNP and Intel TDX Kernel changes
- Secure Virtual Service Machine (SVSM), Paravisors and Virtual Trusted Platform Modules (vTPMs)
- Secure Boot and the need for Unified Kernel Images (UKIs)
- Userspace tools and libraries such as snphost, snpguest, sgx-dcap
- Attestation Servers: Validators, Brokers and Clients
We will wrap up by explaining how these pieces combine to create some of the most notable scenarios: Artificial Intelligence with Confidential Containers, Legacy and third-party Operating Systems with Confidential Virtualization, and Edge scenarios with Image-mode OSes and Immutable filesystems.