24-28 August 2020
US/Pacific timezone

Protected KVM: Memory protection of KVM guests in Android

24 Aug 2020, 10:30
Microconference2/Virtual-Room (LPC Virtual)



Android MC


Quentin Perret (Google)


This talk outlines a proposal to refactor and extend the arm64/KVM implementation in order to enable the execution of guest VMs in memory carveouts protected from the host kernel, along with potential use cases in the Android world. Using this architecture, we intend to remove the host kernel from the Trusted Computing Base, thereby protecting guest secrets, such as private user data, against attacks targeting the host.
