Perform project-wide security audits focused on KVM hypervisor escape, guest memory safety, and dependency vulnerabilities.
When performing a security audit, always follow these steps:
Audit dependencies — run cargo audit to check for known CVEs in the dependency tree. Treat any Critical or High finding as a blocker; document Medium/Low with remediation notes.
Static analysis — run cargo clippy -- -W clippy::all -W clippy::pedantic 2>&1 and review all warnings. Pay particular attention to:
unwrap()/expect() on values derived from untrusted guest inputHypervisor escape review — read every unsafe block in src/loader/ and verify:
ioctl return values are always checked; no silent error suppression.MAGIC_API_BASE breakpoints cannot be triggered from an unexpected privilege level to escalate host privileges.Guest-controlled input audit — trace all data paths from VMEXIT guest registers (RAX, RBX, RCX, RDX, RSI, RDI, guest stack) into host Rust code. Confirm that:
../ traversal) before being forwarded to the host VFS.Clean-room policy check — confirm no proprietary binary blobs (IBM DLL dumps, ROM images, disassembly artefacts) have been introduced into vendor/, samples/, or anywhere else in the tree. Run file vendor/**/* samples/**/* 2>/dev/null | grep -vE 'text|directory|makefile|script|source' and review anything unexpected.
Report findings — document all identified risks, classified by severity (Critical, High, Medium, Low), with:
Present the report to the user before making any changes. Fix Critical and High issues immediately; schedule Medium/Low for follow-up.