Linux Virtualization Based Security – Why, What and How?
The Linux kernel incorporates self-protection mechanisms, such as control-register pinning, module and file authentication, and various protection restrictions. However, a sophisticated attacker who has already gained kernel-level code execution can still circumvent these built-in defenses, because the checks run at the same privilege level as the attacker. Significantly stronger protection is possible when such mechanisms are enforced at the hypervisor level or by a hypervisor-backed trusted entity that the guest kernel cannot tamper with. The same approach also makes it possible to safeguard and monitor other critical system assets, including passwords, keys and essential kernel data structures, from within a trusted environment.
This talk introduces the concept of Linux Virtualization Based Security (LVBS) as an umbrella term for various hypervisor-backed kernel protection solutions. LVBS implements a common, hypervisor-agnostic and extendable architecture in the Linux kernel that should allow any hypervisor to implement and expand upon Linux kernel protections. This architecture enables different hypervisors (Hyper-V, as an example of a type-1 hypervisor, and KVM, as an example of a type-2 hypervisor) to connect to the common layer and enhance Linux kernel security.
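The opening paragraph's argument, that an in-kernel check such as control-register pinning can be bypassed by an attacker with kernel-level code execution while a hypervisor-enforced check cannot, can be made concrete with a small model. The following C program is an added illustration and is not code from the talk, from LVBS or from the Linux kernel: it models CR4 as a variable, models the kernel's own write path after the pattern used by the kernel's native_write_cr4 (write, detect cleared pinned bits, write again with them restored), and models a hypervisor that intercepts writes to pinned bits. The assumptions are that the hypervisor refuses such a write outright (on Intel VMX a write to a bit selected in the CR4 guest/host mask causes a VM exit, and what the hypervisor then does is its own policy) and that the guest kernel hands its pinning policy to the hypervisor through a hypothetical one-shot request; the real LVBS interface is not described on this page.

```c
#include <stdbool.h>
#include <stdio.h>

/* Real x86 CR4 bit positions for the bits this model uses. */
#define X86_CR4_PAE  (1UL << 5)
#define X86_CR4_SMEP (1UL << 20)
#define X86_CR4_SMAP (1UL << 21)

/* Modelled CPU state: the control register and the hypervisor's view of it. */
static unsigned long cr4;
static unsigned long hv_cr4_mask;    /* bits whose writes the hypervisor intercepts */
static unsigned long hv_cr4_pinned;  /* value those bits must keep */
static bool hv_enforce;
static unsigned int hv_rejected;     /* intercepted writes the hypervisor refused */

/*
 * Model of the bare "mov %reg, %cr4" instruction. Without a hypervisor policy
 * it simply stores the value. With one, a write that changes a pinned bit traps
 * to the hypervisor, which (assumption in this model) refuses it and leaves CR4
 * untouched, whoever executed the instruction.
 */
static bool hw_mov_cr4(unsigned long val)
{
    if (hv_enforce && (val & hv_cr4_mask) != hv_cr4_pinned) {
        hv_rejected++;
        return false;
    }
    cr4 = val;
    return true;
}

/* Guest-kernel side pinning policy. */
static unsigned long cr4_pinned_mask;
static unsigned long cr4_pinned_bits;

/*
 * Model of the kernel's own write path: write, then detect any pinned bit that
 * was cleared and write again with it restored. This only protects callers that
 * actually go through this function.
 */
unsigned long kernel_write_cr4(unsigned long val)
{
    unsigned long bits_changed = 0;

    for (;;) {
        hw_mov_cr4(val);
        if ((val & cr4_pinned_mask) == cr4_pinned_bits)
            break;
        bits_changed = (val & cr4_pinned_mask) ^ cr4_pinned_bits;
        val = (val & ~cr4_pinned_mask) | cr4_pinned_bits;
    }
    if (bits_changed)
        printf("pinned CR4 bits changed: 0x%lx, restored\n", bits_changed);
    return cr4;
}

/* Kernel boot: enable SMEP/SMAP, pin them, optionally hand the policy to the hypervisor. */
void kernel_boot(bool with_hypervisor)
{
    cr4 = X86_CR4_PAE;
    hv_enforce = false;
    hv_rejected = 0;
    cr4_pinned_mask = cr4_pinned_bits = 0;

    kernel_write_cr4(cr4 | X86_CR4_SMEP | X86_CR4_SMAP);
    cr4_pinned_mask = X86_CR4_SMEP | X86_CR4_SMAP;
    cr4_pinned_bits = cr4 & cr4_pinned_mask;

    if (with_hypervisor) {
        /* Hypothetical "pin these bits" request; the real interface is not on this page. */
        hv_cr4_mask = cr4_pinned_mask;
        hv_cr4_pinned = cr4_pinned_bits;
        hv_enforce = true;
    }
}

/*
 * Attacker with kernel-level code execution (or a ROP chain ending in a
 * "mov %reg, %cr4" gadget): never calls kernel_write_cr4, so the in-kernel
 * check never runs. Returns true if SMEP is off afterwards.
 */
bool attacker_clear_smep(void)
{
    hw_mov_cr4(cr4 & ~X86_CR4_SMEP);
    return !(cr4 & X86_CR4_SMEP);
}

/* Scenario 1: only the kernel's self-protection is in place. */
bool smep_survives_without_hypervisor(void)
{
    kernel_boot(false);
    attacker_clear_smep();
    return (cr4 & X86_CR4_SMEP) != 0;   /* false: the attacker wins */
}

/* Scenario 2: the same attack with the hypervisor intercepting pinned-bit writes. */
bool smep_survives_with_hypervisor(void)
{
    kernel_boot(true);
    attacker_clear_smep();
    return (cr4 & X86_CR4_SMEP) != 0;   /* true: the write was refused */
}

/* A legitimate but buggy in-kernel caller: the kernel's own path repairs it. */
bool kernel_path_restores_pinned_bits(void)
{
    kernel_boot(false);
    kernel_write_cr4(cr4 & ~X86_CR4_SMAP);
    return (cr4 & X86_CR4_SMAP) != 0;
}

unsigned int hypervisor_rejections(void) { return hv_rejected; }

int main(void)
{
    printf("in-kernel pinning only, SMEP after attack: %s\n",
           smep_survives_without_hypervisor() ? "set" : "cleared");
    printf("hypervisor-enforced, SMEP after attack: %s (rejected writes: %u)\n",
           smep_survives_with_hypervisor() ? "set" : "cleared", hypervisor_rejections());
    return 0;
}
```

The point the model makes is about where the check lives, not about CR4 specifically: the in-kernel path only sees writes routed through it, whereas the intercept sits below the guest and sees every write, which is the same reason the abstract proposes moving module and file authentication and the protection of key kernel data structures behind the hypervisor.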
The discussion then addresses ongoing efforts to implement the proposed architecture, focusing on several key areas:
- History, development and status of the hypervisor-agnostic common layer
- Utilization of Hyper-V’s Virtual Secure Mode (VSM) in combination with the common layer to reinforce Linux kernel protection, including current progress
- Application of the proposed architecture by KVM and the current development status

Thara GOPINATH
Microsoft
Thara Gopinath is a Principal Software Engineering Lead at Microsoft. She has been working on various Linux kernel subsystems since 2009 and currently leads the team implementing Linux Virtualization Based Security (LVBS) at Microsoft.