[Rust-VMM] [Rust-vmm] Goals for this list

Paolo Bonzini pbonzini at redhat.com
Thu Dec 20 15:34:08 UTC 2018


On 20/12/18 16:05, Anthony Liguori wrote:
> The two biggest sources of CVEs in KVM have been instruction emulation
> and device emulation.  Moving the x86_emulate code to userspace and
> rewriting it in Rust would eliminate one of the larger attack surfaces
> in KVM and likewise, moving IO APIC and PIT emulation to userspace would
> help a lot there too.
> 
> On modern processors, LAPIC is handled almost entirely in hardware so
> the remaining complexity in KVM is really around EPT handling and
> hardware interaction.  I don't think either can reasonably be moved.

Note that userspace PIT/PIC/IOAPIC emulation is already supported by KVM
(Linux 4.4 or newer I think; QEMU will make it the default for the q35
machine type in the next release, for now you need -machine
kernel_irqchip=split).

Paolo


