|
|
|
|
|
|
by slpnix
2414 days ago
|
|
|
I think the slide 14 from the talk "Reports of my Bloat Have Been Greatly Exaggerated" [1] presented by Paolo Bonzini at KVM Forum 2019 gives some good perspective about QEMU's security track: "Of the top 100 vulnerabilities reported for QEMU: - 65 were not guest exploitable - 3 were not in QEMU :) - 5 did not affect x86 KVM guests - 3 were not related to the C language - Only 6 affected devices normally used for IaaS The most recent of these 6 was reported in 2016" The rest of this talk was also very interesting. I encourage everyone with 10 minutes to spare and an interest in VMMs to take a look at the slides. [1] https://static.sched.com/hosted_files/kvmforum2019/c6/kvmfor... |
|
|
> - 65 were not guest exploitable
> [...]
Which leaves about 30 that presumably were guest exploitable.
Don't get me wrong -- QEMU is useful. As a "kitchen sink" solution that runs anything, anywhere, with any useful combination of emulated {devices,processors,systems}.
However, this is also its biggest weakness. Which is why Google and Amazon all run their own custom VMMs for their IaaS services.
The microvm machine type as described here is a great step to improve this situation. The next step in my book would be to reconfigure QEMU's build system to allow building a binary that only supports the devices provided by microvm, and nothing else.