AMD Hypervisor with Rust - Matthias Heiden - Rust Linz, October 2022

Rust Security

AMD Hypervisor built with Rust, featuring static assertions, custom allocators, and MSR bitmap for secure multi-level virtualization and virtualization-based security.

Key takeaways
  • AMD Hypervisor with Rust
  • Static assertions
  • Timed attacks can reveal running inside a virtual machine
  • Custom allocators and virtual memory management
  • MSR bitmap for intercepting hardware requests
  • Nested page tables for multi-level virtualization
  • Hypervisor debugging is painful
  • Use of static assertions and error handling
  • Importance of carefully crafting structures and data types
  • Use of bit fields and flags for flexible data representation
  • Implementing a virtual memory allocator
  • Virtualization-based security
  • Importance of good documentation, e.g., Intel or MD manual
  • Rust is a suitable language for hypervisor development

More talks

"Formally Verifying Everybody's Cryptography" by Mike Dodds, Joey Dodds (Strange Loop 2022)

HODOR: Reducing Attack Surface on Node.js via System Call Limitation

LLM4Shell: Discovering and Exploiting RCE Vulnerabilities in Real-World LLM-Integrated Frameworks

The Cycling Tour – Java's Fraught Relationship with Cyclic Object Graphs by Stuart Marks

HTTP/3 and QUIC: Who, what, where, when and, WHY? by Robin Marx

DevOps Tech: Shifting Left on Security (Presented by: Portshift.io)

IRonMAN: InterpRetable Incident Inspector Based ON Large-Scale Language Model and Association miNing

Hosting and DevOps for Django with Benjamin "Zags" Zagorsky