We will reserve some time for people to get together and discuss strategic decisions as well as other topics that are best solved within smaller groups. This time can also be used for hands-on hacking sessions.
If you are interested in organizing such a group time event, please add it to the list before KVM Forum, so people have time to organize which one they will attend.
Adding links to this wiki is restricted. If you have problems adding your BoF, please send it to the program committee at firstname.lastname@example.org.
Better Speculative-Execution/L1TF Mitigations
Summary: Doing a better job of mitigating speculative-execution-based attacks
Diving into how we can better mitigate speculative-execution attacks in the context of KVM. Issues include (feel free to add your own):
- Reducing the reachable Direct Map
- Hyperthreading Issues
- Jonathan Adams <email@example.com> (organizer)
Summary: Examining separation of emulated IO devices into separate processes
Marc-Andre Lureau & Konrad Rzeszutek Wilk presented the concept of a multi-process QEMU at KVM Forum 2017. The idea is to dis-aggregate QEMU into multiple processes for benefits discussed below. Patches which provide an idea of this concept have been sent to firstname.lastname@example.org.
Very much looking forward to picking your brain regarding this topic.
Benefits of dis-aggregating QEMU into multiple processes:
- Reducing the impact of malicious software; tailored SELinux policies
- John G Johnson <email@example.com>
- Elena Ufimtseva <firstname.lastname@example.org>
- Jag Raman <email@example.com> (organizer)
BoF idea template
=== TITLE === '''Summary:''' Short description of the idea Detailed description of the idea. '''Links:''' * Wiki links to relevant material * External links to mailing lists or web sites '''People:''' * Your Name (organizer) * People that want to attend this session