Loading…
Edinburgh, Scotland, UK
October 21 & October 25 | Co-Located Events, Tutorials, & Workshops
October 22-24 | Conference
Find out more information for Open Source Summit + Embedded Linux Conference & OpenIoT Summit Europe 2018

Please note that you can view and download presentations on the Open Source Summit and Embedded Linux Conference + OpenIoT Summit slides pages. 
Back To Schedule
Wednesday, October 24 • 12:05 - 12:45
Security in QEMU: How Virtual Machines Provide Isolation - Stefan Hajnoczi, Red Hat

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Is it safe to use QEMU to do X? This talk explains the security model and use cases that QEMU is designed for.  Understanding the security model is critical for deploying virtual machines as well as contributing code to QEMU. This talk gives an overview of the attack surfaces, including emulated devices, the monitor, remote desktop, disk images, and the CPU accelerators.  Virtual machines offer isolation from each other and the host if QEMU is configured properly. Most of these best practices are encapsulated in libvirt, but not all users choose to use it, so it is worth understanding them. Finally, no discussion of security in QEMU would be complete without reviewing CVEs and the lessons learnt from them.
Speakers
avatar for Stefan Hajnoczi

Stefan Hajnoczi

Senior Principal Software Engineer, Red Hat
Stefan works on QEMU and Linux in Red Hat's Virtualization team with a focus on storage, VIRTIO, and tracing. Recent projects include libblkio, virtiofs, storage performance optimization for NVMe drives, and out-of-process device emulation. Stefan has been active in the QEMU community... Read More →

Wednesday October 24, 2018 12:05 - 12:45 BST
Lowther Suite, Level -1
  Joint KVM Forum Track

Attendees (125)