GitHub - vmsplit/IceVMM: minimal hypervisor for aarch64 (WIP)

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 28 Commits
include		include
src		src
.ccls		.ccls
.gitignore		.gitignore
Makefile		Makefile
README.txt		README.txt
hypervisor.bin		hypervisor.bin
hypervisor.elf		hypervisor.elf
linker.ld		linker.ld
notes.txt		notes.txt
qemu.log		qemu.log

Repository files navigation

#################################
 ___ ___ _____   ____  __ __  __ 
|_ _/ __| __\ \ / /  \/  |  \/  |
 | | (__| _| \ V /| |\/| | |\/| |
|___\___|___| \_/ |_|  |_|_|  |_|   
                                         
#################################


IceVMM is a "toy" HyperVisor specifically designed to proof-of-concept
  security in the HyperVisor (i.e. Kernel security features such as LKRG, 
  CFI, PaX, etc.)
This is because nowadays Kernel security features are quite simple to disable/patch/bypass,
  especially on Linux.
To at least *remediate* or mitigate such possibilties i'm demonstrating 
  (a sort of already done) concept where I'll showcase the practicality of moving these
  security features from the Kernel -> HyperVisor.

NOTE:

This is a work in progress. I am at college doing college shit.
In lieu of actively pushing updates i'll be doing offline development and when i've actually
  got some shit done i'll push it.
I wrote a paper a while back about this for Phrack 72 but I:
  1. missed the deadline
  2. didn't have a complete version I was "satisifed" with
  3. eventually lost it by erasing my entire NixOS root filesystem partition

Just like any project this could have a chance to flourish with time
  and dedication. 
Unfortunately the education system and my brain don't get along
  so it'll be frustrating...but eventually i'll get this done.