...and with some more work kvmclock and similar users won't need to change at all :)
KERNSEAL infrastructure, building upon a number of earlier design choices, makes it nearly trivial to achieve some impressive security goals.
With a small change to kvmclock, we now have KVM where none of the guest memory is mapped/accessible at the hypervisor level at all!
Jul 19, 2023 · 1:20 PM UTC
2
3
8

