Fuzzing Host-to-Guest Attack Surface in Android Protected KVM

Explore the security implications of Android 13's native virtualization services built on Protected KVM (pKVM) for arm64 devices in this informative conference talk. Delve into the analysis of the new attack surface exposed by guest device drivers processing untrusted input from potentially malicious host-emulated devices. Learn about a fuzzing solution based on the Linux Kernel Library (LKL) project, designed to identify vulnerabilities in virtio front-end and PCI device drivers. Discover the details of implementing this fuzzing technique in the context of pKVM, examine interesting findings, and understand how this tool can be applied more broadly in the Linux kernel. Gain insights into the challenges, existing efforts, and future work in mitigating host-to-guest attack vectors in Android Protected KVM.