Skip to main content
Information Security

Questions tagged [kvm]

Ask Question

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V).

27 questions
Newest Active Bountied Unanswered
1 vote
0 answers
63 views

I'm analyzing a system where services are isolated via QEMU. For storage, it gives each guest access to their own block device/partition on the host (for performance reasons). I'm wondering if this ...
PhilipRoman's user avatar
  • 145
2 votes
1 answer
390 views

My host is Fedora, and I want to add an extra layer of protection against 0day KVM/QEMU exploits that execute code on the host. For example there have been CVEs where if we run a specially crafted ...
OneAndOnly's user avatar
  • 410
0 votes
1 answer
400 views

I'm currently working on a server. This server is meant to be converged, as in be my storage server and the place publicly accessible services run on. Services like some API's in docker or k8s and ...
Rocco's user avatar
  • 103
1 vote
1 answer
113 views

I try to attest my vm running on a kvm+qemu host using qmp and this command: echo '{ "execute": "qmp_capabilities" }\n{"execute":"query-sev-attestation-report",&...
alindner's user avatar
  • 11
1 vote
2 answers
2k views

So I used Qemu on Ubuntu 20 to emulate a computer running windows 10. I kept all of Qemu default values. Then, while installing the Windows 10 iso, I kept all the default values once again. Finally, I ...
propre_poli's user avatar
  • 13
5 votes
1 answer
2k views

Context: I own a machine; I trust root and all the accounts. I virtualize untrusted guests using KVM, and don't want them to escape. When /dev/kvm has the right permissions, non-root users can run KVM ...
punkeel's user avatar
  • 151
2 votes
1 answer
3k views

Stumbled upon a privacy conscious hosting provider that uses LXD vs KVM to manage user VPS instances. My understanding is KVM is more isolated so using LXD doesn’t make sense from a privacy ...
sunknudsen's user avatar
  • 239
1 vote
1 answer
365 views

I was wondering if it is secure or not to run containers from different customers on the same machine. Basically I was investigating the level of isolation / security provided by Docker alone. Then ...
collimarco's user avatar
  • 173
3 votes
1 answer
616 views

With KVM guest systems so prevalent now, I was wondering if there is any merit in using LUKS encrypted storage, as the guest will usually be always on, so the information is always accessible ...
pepa65's user avatar
  • 131
2 votes
1 answer
4k views

I am running virtual machines in kvm/qemu hypervisor. The hypervisor has Meltdown/Spectre mitigation enabled in kernel. Is it necessary that virtual machines have the Meltdown/Spectre mitigation ...
Martin Vegter's user avatar
  • 1,821
1 vote
1 answer
1k views

Let's assume the host is not encrypted, and all files on it are accessible. A VM with LUKS encryption is saved, meaning its memory is now residing as a regular file on the host, does that memory also ...
Waleed Hamra's user avatar
  • 197
3 votes
1 answer
479 views

I've got a set of source code files (compiled C#) that I want to prevent direct read access to. The program will be running on the VM. I was thinking of storing these in an encrypted hard disk VM, the ...
Chris Stryczynski's user avatar
  • 141
2 votes
0 answers
884 views

I need to enable KVM for my android-ci Docker image to work for emulator based instrumentation tests. The Android emulator requires the kvm device. Therefore I specify the following in the Runner ...
kmindi's user avatar
  • 121
6 votes
1 answer
3k views

How secure is the host operating system from the guest virtual machine's OS when using GPU passthrough (using the methods described here)? If the guest is compromised, can it permanently infect the ...
user220850's user avatar
  • 101
1 vote
1 answer
351 views

Let's say that on my personal computer, I host a VM I use to do software development. My personal computer is connected to the internet and running Ubuntu 16.04 and my guest is CentOS 7. I don't want ...
gxtaillon's user avatar
  • 193

15 30 50 per page
1
2