Re: [Qemu-devel] German BSI analysed security of KVM / QEMU

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Cornelia Huck <cohuck@redhat.com>
To: Stefan Weil <sw@weilnetz.de>
Cc: QEMU Developer <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] German BSI analysed security of KVM / QEMU
Date: Fri, 13 Oct 2017 11:37:08 +0200	[thread overview]
Message-ID: <20171013113708.2dd02a17.cohuck@redhat.com> (raw)
In-Reply-To: <afc33ce4-c9ab-9b35-38ec-80b16642ef00@weilnetz.de>

On Fri, 13 Oct 2017 11:10:05 +0200
Stefan Weil <sw@weilnetz.de> wrote:

> Hi,
> 
> the German Bundesamt für Sicherheit in der Informationstechnik
> (Federal Office for Information Security) published a study on
> the security of KVM and QEMU:
> 
> https://www.bsi.bund.de/DE/Publikationen/Studien/Sicherheitsanalyse_KVM/sicherheitsanalyse_kvm.html
> 
> (article only available in German)

Thanks for posting this!

I only looked at the conclusion for now. Some interesting points:

- They state that QEMU's source code is well structured, readable and
  maintainable. I wonder what kind of source code they usually deal
  with ;)
- Most problems noted seemed to be related to signed<->unsigned
  conversions, but none were found to be exploitable.
- They liked hardening via stack protection, NX, and ASLR, as well as
  the mechanisms used by libvirt.
- They generally seemed to be happy with QEMU being deployed via
  libvirt.
- Restrictions imposed via KVM (guest access to some CPU registers)
  scored positive points. They did not like that Hyper-V and PMU were
  not deconfigurable.
- Lack of support for encryption/signing of network-based images was
  criticized. They ended up using Ceph and GlusterFS, which they were
  reasonably happy with.

That's just from a quick browse.

next prev parent reply	other threads:[~2017-10-13  9:37 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-13  9:10 [Qemu-devel] German BSI analysed security of KVM / QEMU Stefan Weil
2017-10-13  9:37 ` Cornelia Huck [this message]
2017-10-13  9:44   ` Daniel P. Berrange
2017-10-13  9:53     ` Cornelia Huck
2017-10-16 13:22     ` Kevin Wolf
2017-10-16 13:38       ` Daniel P. Berrange
2017-10-16 13:47         ` [Qemu-devel] [Qemu-block] " Alberto Garcia
2017-10-16 15:24         ` [Qemu-devel] " Kevin Wolf
2017-10-13 10:30   ` Stefan Weil

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171013113708.2dd02a17.cohuck@redhat.com \
    --to=cohuck@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=sw@weilnetz.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.