public inbox for kvm@vger.kernel.org
* x-tier code injection for VMI
@ 2015-04-21 13:52 Jonas Jelten
  2015-04-21 14:53 ` Jan Kiszka
  0 siblings, 1 reply; 2+ messages in thread
From: Jonas Jelten @ 2015-04-21 13:52 UTC (permalink / raw)
  To: kvm list

Hai *!

We [0] are developing x-tier [1], a VMI system that injects code into a
kvm guest from the hypervisor.

Currently we're using kernel modules to be executed in the context of
the VM. The execution is carefully separated from the target VM so the
injection remains stealthy (as always, except for timing attacks).

Using this method, we could even redirect system calls from the
hypervisor into a VM transparently[2]. Programs running on the host are
obtaining their data from the guest stealthily that way :D


What I want to ask the kvm folks:
Would there be interest integrating the kernel components upstream?
Mainly it would provide guest os-independent code injection.

All implementation is free software already [3][4], of course it needs a
lot of polishing before going upstream ;)

The userspace part is a modified qemu [5], we're trying to move all the
injection procedures into the kernel though. Work is in progress..

Cheers,
JJ

[0] https://www.sec.in.tum.de/
[1] http://link.springer.com/chapter/10.1007/978-3-642-38631-2_15
[2] https://home.in.tum.de/~jelten/dynamic-syscall-translation.pdf
[3] https://github.com/TheJJ/x-tier
[4] https://github.com/TheJJ/linux
[5] https://github.com/TheJJ/qemu



* Re: x-tier code injection for VMI
  2015-04-21 13:52 x-tier code injection for VMI Jonas Jelten
@ 2015-04-21 14:53 ` Jan Kiszka
  0 siblings, 0 replies; 2+ messages in thread
From: Jan Kiszka @ 2015-04-21 14:53 UTC (permalink / raw)
  To: Jonas Jelten, kvm list

On 2015-04-21 15:52, Jonas Jelten wrote:
> Hai *!
> 
> We [0] are developing x-tier [1], a VMI system that injects code into a
> kvm guest from the hypervisor.
> 
> Currently we're using kernel modules to be executed in the context of
> the VM. The execution is carefully separated from the target VM so the
> injection remains stealthy (as always, except for timing attacks).
> 
> Using this method, we could even redirect system calls from the
> hypervisor into a VM transparently[2]. Programs running on the host are
> obtaining their data from the guest stealthily that way :D
> 
> 
> What I want to ask the kvm folks:
> Would there be interest integrating the kernel components upstream?
> Mainly it would provide guest os-independent code injection.
> 
> All implementation is free software already [3][4], of course it needs a
> lot of polishing before going upstream ;)
> 
> The userspace part is a modified qemu [5], we're trying to move all the
> injection procedures into the kernel though. Work is in progress..

You may have to advertise your feature for a broader audience: What is
the added value, low level and from a higher perspective? Who may be
interested in it: research, real-world applications, and which kind?

Then, how invasive will the extension be, e.g. which performance impact
will it have for non-users, how much code is added to the kernel and how
many new interfaces (both very sensitive from maintenance and security
perspective)?

Already considered submitting a talk about it for the next KVM Forum
(http://events.linuxfoundation.org/events/kvm-forum/)?

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux
