Re: Regarding Xen security....

[Anthony Liguori <aliguori@linux.vnet.ibm.com>]

David Pilger wrote:
> Search for "HVM rootkits",

The vast majority of this is, as Keith Adams put its, "quasi-illiterate 
gibberish."

http://x86vmm.blogspot.com/2006/08/blue-pill-is-quasi-illiterate.html

Having VT/SVM doesn't really change anything wrt rootkits.  Most of what 
is floating around is FUD.  There's nothing you can do today that you 
couldn't do before VT/SVM.

Regards,

Anthony Liguori


  if your system runs without a hypervisor
> and VMX/SVM is enabled in the BIOS then an attacker can gain control
> over that layer. But he'll first need to gain control over the
> operating system (not so difficult) in order to execute a program with
> high privileges. In "VMX root operation" you have total control over
> the system (parallel to ring0, one year ago).
> 
> VT-x is intended to provide another ring of security (priviliges),
> which lets hypervisors manage unmodified operating systems.
> 
> Right now, if you are not running a hypervisor than it's not secure to
> enable VT-x in the BIOS, if you do use some kind of hypervisor, then
> the threat is that an attacker will find a security hole in it and
> take control over that layer. Right now, there aren't any known
> vulnerabilities in software the manage VMX. But I guess that the focus
> of malicious people is not exactly at hypervisors. When LaGrande (for
> instance) will be a part of any computer, then it will be "benefitial"
> to search for vulnerabilities in this layer.
> 
> In summary, there is a risk when no hypervisor occupies the VMX layer
> and it is enabled in the BIOS. The only use of this layer by a
> malicious program is for properly hiding itself from removal tools.
> 
> Any way, here are some insights:
> * If operating systems were secure enough and properly programmed then
> VMX was not needed in this regard (to provide security).
> * The implementation of VMX is here to take the control of the machine
> from a certain operating system, treating an OS just like a "process".
> * Its useful for servers that runs virtual machines, this is trivial
> use of a hypervisors.
> 
> David.
> 
> 
> On 1/12/07, Praveen Kushwaha <praveen.kushwaha@nechclst.in> wrote:
>>
>>
>>
>> Hi Sir,
>>
>>              I have a question regarding the security of Xen. What are 
>> the
>> security threats in with Intel VT-x.
>>
>>
>>
>>
>>
>> Thanks,
>>
>> Praveen Kushwaha
>>
>>
>>
>> _____________________________________________________________________________________________ 
>>
>>
>> NEC HCL System Technologies Ltd., 4th Floor, Tower B, Logix Techno  Park,
>> Noida | Tel: 120 436 6777 Extn 748
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> Xen-devel mailing list
>> Xen-devel@lists.xensource.com
>> http://lists.xensource.com/xen-devel
>>
>>
>>