Overview
Explore a Linux Plumbers Conference talk on Hypervisor-Enforced Kernel Integrity (Heki) for KVM. Delve into advanced kernel protection mechanisms that leverage KVM to implement defenses outside the kernel, offering more robust security against vulnerabilities. Learn about the evolution of the project, including new features such as minimal static configuration, GFN attributes management, dynamic memory protection for kernel mappings, VMM notification, and version management. Gain insights into the challenges of mainlining these changes and the potential for collaboration with contributors and users in the Linux kernel community.
Syllabus
Hypervisor-Enforced Kernel Integrity (Heki) for KVM - Mickaël Salaün, Mr Madhavan Venkataraman
Taught by
Linux Plumbers Conference