Explore a Linux Plumbers Conference talk on Hypervisor-Enforced Kernel Integrity (Heki) for KVM. Delve into advanced kernel protection mechanisms that leverage KVM to implement defenses outside the kernel, offering more robust security against vulnerabilities. Learn about the evolution of the project, including new features such as minimal static configuration, GFN attributes management, dynamic memory protection for kernel mappings, VMM notification, and version management. Gain insights into the challenges of mainlining these changes and the potential for collaboration with contributors and users in the Linux kernel community.
Overview
Syllabus
Hypervisor-Enforced Kernel Integrity (Heki) for KVM - Mickaël Salaün, Mr Madhavan Venkataraman
Taught by
Linux Plumbers Conference
Related Courses
-
Hypervisor-Enforced Kernel Integrity for Linux with KVM
-
Linux KVM for System and cloud Engineers
-
Evaluating Implementation Options for KVM-based Type 1 and 1.5 Hypervisors
-
Developing a Multithreaded Kernel From Scratch!
-
Analyzing Nested CVM Performance on KVM/QEMU and Linux Root Partition for Hyper-V - Comparative Study
-
Kernel Hardening - Protecting the Protection Mechanisms
