|1930 - meetup|
|HVM security research|
The aim of this project is to research security implications of hardware virtualization extensions. Such extensions are present in almost every modern x86 CPU (under marketing names AMD-V/SVM and Intel VT-x) and although they are very useful, it is believed that they can be used by malicious software to become virtually (no pun intended) undetectable. This has first been shown possible by the Blue Pill rootkit by Joanna Rutkowska.
Goal of this project is to research the theory around the technology, implement very thin “hypervisor” layer suitable for security research and go from there…
Hardware virtualization in general:
Instruction sets specifications: