Walking hypervisor tracks

Hypervisors 101

  • Theoretical model of virtualisable architectures

  • x86 virtualisation

  • Paravirtualisation

  • Hardware-assisted virtualisation

Creating a research framework

  • How to explore hypervisor functionality exposed to guests

  • Development of a unikernel in C to execute arbitrary guest code

  • Development of Python scripts

Inside Hyper-V

  • Hyper-V’s architecture overview

  • Synthetic interfaces: MSRs, SynIC, hypercalls

  • VMBus communication

Hacking hypervisors case study

  • Root cause analysis of a device emulation vulnerability in QEMU

  • USB and EHCI basics

  • Development of a VM escape exploit for a user-mode worker process (QEMU)