»CPU vulnerabilities and KVM security (in English)«
2019-08-03, 15:05–15:45, Radisson Lisboa

More than two years have passed since researches have discovered the Spectre and Meltdown CPU vulnerabilities, which were the first ones of a whole new family of CPU vulnerabilities. These vulnerabilities impact the design of all components of software that manages virtual machines, from the low level KVM code inside the kernel to user interfaces. In this new world, CPU security updates are commonplace, and software that virtualizes hardware need better methods to update virtual CPUs as well. This talk summarizes the challenges an design changes that are being made into KVM, QEMU, and virtualization management software to adapt to this new landscape.