Friday, October 30 • 06:30 - 07:00
Guest Memory Protection -- Current Status and Future - Isaku Yamahata, Intel

Recently there have been several proposals, in both software and hardware, for protecting guest memory from KVM as the VMM and from QEMU as user space. We discuss guest memory protection and how we can proceed with those efforts. As a software solution, the KVM protected memory extension proposal removes the mapping of guest memory from the kernel address space (the direct mapping area) and gives the user space mapping NONE permission. The execute-only memory (XOM) proposal introduces a new software type of guest memory that is execute-only. Removing the mapping from user space is also an important part of guest memory protection, and it may require intrusive changes to the KVM MMU. Live migration also needs attention, because guest memory protection means that QEMU can't directly access guest memory or status. After summarizing the proposals, we consider how we can proceed with them.

Isaku Yamahata

Software engineer, Intel
Isaku Yamahata is a software architect in the Open Source Technology Center, Intel. For multiple years his main focus has been virtualization technology and network virtualization as Software Defined Networking. Isaku is active on Graphene LibOS and OpenStack Neutron (networking) and has...

Friday October 30, 2020 06:30 - 07:00 GMT
KVM Theater
  KVM Forum, KVM