EuroBSDCon 2024

vmd's multi-process device emulation: 2 releases later
09-21, 14:45–15:30 (Europe/Dublin), Foyer B

In OpenBSD 7.4, the native hypervisor, vmd(8), became the only open source type-2 hypervisor to default to a multi-process, privilege-separated model for emulating block and network devices.

This talk provides a look at the inspiration from Oracle's contributions to QEMU as a means of multi-layered defense, a review of the challenges and changes required to OpenBSD across 7.4 and 7.5, and a look at the road ahead.

I'm an OpenBSD committer (dv@) primarily working on vmm(4) and vmd(8). I also maintain the virtio_vmmci and vmm_clock kernel modules for Linux guests being hosted by vmd(8).