Loading…
28 - 29 August | Amsterdam, Netherlands
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Linux Security Summit Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time (CEST | UTC+2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."
Thursday August 28, 2025 10:55 - 11:40 CEST
Linux Virtualization based Security (LVBS) is a security feature that leverages hypervisors to a) harden the kernel and b) ensure that critical kernel resources remain untampered, even if the guest kernel gets compromised by creating an isolated environment that runs at a higher trust level than the normal operating environment. A key kernel integrity feature of LVBS is to ensure that kernel memory protections (read-only, W^X) are backed up by this trusted environment using Second Level Page Tables so that even if the guest kernel is compromised, the kernel memory cannot be tampered with.
One of the challenges in enabling hypervisor-enforced kernel memory protection is that the Linux kernel inherently supports features that either modify existing kernel code or inject code into the kernel memory space. In this talk, we aim to examine a comprehensive list of such kernel features (which are inherently easier exploit surfaces) and then discuss how these features can be hardened via LVBS to ensure that the integrity and authenticity of patched code, even if the kernel is compromised. Finally, we present the status of our work in implementing these hardenings.
Speakers
avatar for Thara Gopinath

Thara Gopinath

Principal Software Eng Lead, Microsoft
Thara Gopinath is a Principal Software Engineering Lead at Microsoft. She has been working on various Linux kernel subsystems since 2009 and currently leads the team implementing Linux Virtualization Based Security (LVBS) at Microsoft.
avatar for Femi Adeyemi

Femi Adeyemi

Senior Software Engineer @ Microsoft, working on Virtualization Based Security, Microsoft
Femi Adeyemi is a Senior Software Engineer at Microsoft, enhancing Linux kernel security using virtualization technologies
Thursday August 28, 2025 10:55 - 11:40 CEST
G102-103

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link