
KVM for Android

Posted Nov 12, 2020 15:19 UTC (Thu) by sbaugh (guest, #103291)
Parent article: KVM for Android

>third-party code for digital rights management (DRM), various opaque binary blobs, cryptographic code, and so on

So in the end, the "security" gains of the "protected KVM" project are securing the device against the user, not actual improved security for the user. That's pretty disappointing. When people talk about shrinking the TCB, and how that improves security, I generally take them at their word, not as this kind of masked anti-user effort...



KVM for Android

Posted Nov 12, 2020 15:32 UTC (Thu) by adam820 (subscriber, #101353) [Link] (4 responses)

I suppose that depends on how you read the context of that whole sentence. It sounded to me like the goal was to protect the Android system (and thus, the user) from whatever this third-party code is doing, since there's no control over it. Not necessarily to enable that code (it's enabled regardless).

KVM for Android

Posted Nov 13, 2020 12:12 UTC (Fri) by jezuch (subscriber, #52988) [Link] (2 responses)

That's how I read it too. Currently it's forced upon the user and runs in a super-privileged context with no oversight at all. Sandboxing this code can only benefit the user. (Though I agree that removing it would be best.)

KVM for Android

Posted Nov 13, 2020 13:40 UTC (Fri) by mzyngier (subscriber, #32898) [Link]

That's indeed the goal. We can't really get rid of it (apparently, people really want 4K N*****x on a 15cm screen), but we can move that code to a place where it won't risk harming the rest of the system if it goes mad.

At least, that's the plan.

KVM for Android

Posted Nov 20, 2020 7:49 UTC (Fri) by rmayr (subscriber, #16880) [Link]

Yes, that is one of the main drives - TrustZone (where most of this code lives today) is highly privileged and opaque, and TEE implementations certainly have had their share of vulnerabilities. Sandboxing that code in VMs helps the whole system and therefore users.

KVM for Android

Posted Nov 13, 2020 15:45 UTC (Fri) by sbaugh (guest, #103291) [Link]

Protecting the Android system and the user could be done by running these DRM blobs under normal KVM. The "protected KVM" project isn't necessary to achieve that - regular KVM would work fine.

"Protected KVM" is only necessary if you don't want the Android kernel and user to have a higher privilege level than the DRM blobs - which is a requirement specific to DRM and anti-user things like it.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds