Date: Mon, 29 Oct 2018 20:01:42 +0200
From: Igor Stoppa
To: Ahmed Abd El Mawgood, Paolo Bonzini,
 Jonathan Corbet, Thomas Gleixner,
 Ingo Molnar, Borislav Petkov,
 Boris Lukashev,
 Hossam Hassan, Ahmed Lotfy
Subject: Re: [PATCH V5 0/5] KVM: X86: Introducing ROE Protection Kernel


On 26/10/2018 16:12, Ahmed Abd El Mawgood wrote:

> This is the 5th version which is 4th version with minor fixes. ROE is a
> hypercall that enables host operating system to restrict guest's access to its
> own memory. This will provide a hardening mechanism that can be used to stop
> rootkits from manipulating kernel static data structures and code. Once a memory
> region is protected the guest kernel can't even request undoing the protection.

This is very interesting, because it seems a very good match to the work 
I'm doing, for supporting the creation of more targets for protection:

In my case the protection would extend also to write-rare type of data.
There is an open problem of identifying legitimate write-rare 
operations, however it should be possible to provide at least a certain 
degree of confidence.


