On Fri, 2018-07-06 at 21:29 +0200, Ahmed Soliman wrote: > > 2) And why from inside the kernel? > > Because this needs to be done from inside KVM. > > Note: I am aware that this won't be effective against rootkits that > live in userspace, rootkits that target kernel dynamic data, files on > disk, as well as VMM escapes, but I believe if the attack surface is > reduced by just a little bit, it is not that bad, so please lets not > discuss that :P. It sounds like the only permission you care about is the permission of the _guest_ writing to that memory, not the permission of the qemu-kvm userspace program writing to that memory. You may be looking at the wrong page mapping to manipulate. -- All Rights Reversed.
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
