From: Magnus Damm <damm@opensource.se>
To: Karl Magdsick <kmagnum@gmail.com>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] building a virus-proof PC with Qemu
Date: Wed, 24 Nov 2004 00:33:02 +0100
Message-ID: <1101252782.8460.105.camel@localhost>
In-Reply-To: <cd8ecdef041123144123e6e08b@mail.gmail.com>

On Tue, 2004-11-23 at 23:41, Karl Magdsick wrote:
> > sorry, but why don't you use/recommend Trusted Solaris (SPARC and i386)
> > http://wwws.sun.com/software/solaris/trustedsolaris/ ?
> > I hardly doubt that it will be too easy for anyone to clone the security
> > mechanisms it provides.
>
> I agree that making the operating system role-aware seems like a much
> more tractable solution than trying to externally trace data flows.
> An external system would have to be extremely intelligent in order to
> work out the Pi calculus from observing data and low-level CPU
> operations.

Extremely intelligent? The theory seems pretty simple to me.
Maybe we are talking about different things?

What about this: Analyze the code block that is translated from
guest-instructions to micro operations. If any of the guest-instructions
are data that is either unmodified untrusted data or data that is the
result of any operation involving untrusted data, then create a block of
illegal instructions. Or handle the violation in a smarter way.

This assumes that it is possible to mark RAM bytes as untrusted, and a
code flow analyzer keeping track of whether resources (registers, flags)
contain trusted or untrusted data. Maybe something like this:

http://lists.gnu.org/archive/html/qemu-devel/2004-08/msg00285.html

/ magnus
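
The scheme proposed in the message above, sketched as an added example that is not part of the original message and is not QEMU code. It assumes a toy 3-byte guest instruction set invented here, and all names (Guest, guest_write, guest_run, demo) are hypothetical. It tracks taint for RAM bytes and registers only (no flags) and checks each instruction at fetch time rather than a whole translated block.

```c
#include <stdint.h>
#include <string.h>

/* Toy guest ISA constructed for this example (not QEMU's): 3-byte {op, a, b}. */
enum { HALT, LOADI, LOAD, ADD, STORE, JMP };
enum { RUN_OK = 0, RUN_TAINTED_CODE = -1, RUN_FAULT = -2 };
typedef struct {
    uint8_t mem[256], mem_taint[256]; /* one shadow taint byte per RAM byte */
    uint8_t reg[4], reg_taint[4];     /* one taint flag per register r0..r3 */
} Guest;

/* Copy bytes into guest RAM, marking them trusted (0) or untrusted (1). */
void guest_write(Guest *g, uint8_t addr, const uint8_t *buf, size_t n, uint8_t taint) {
    memcpy(&g->mem[addr], buf, n);
    memset(&g->mem_taint[addr], taint, n);
}

/* Execute from pc; the fetch-time taint test stands in for the translator's check. */
int guest_run(Guest *g, uint8_t pc) {
    for (int steps = 0; steps < 1000; steps++) {
        if (pc > 253) return RUN_FAULT;
        if (g->mem_taint[pc] | g->mem_taint[pc + 1] | g->mem_taint[pc + 2])
            return RUN_TAINTED_CODE; /* instruction bytes derive from untrusted data */
        uint8_t op = g->mem[pc], a = g->mem[pc + 1], b = g->mem[pc + 2];
        pc += 3;
        switch (op) {
        case HALT:  return RUN_OK;
        case LOADI: g->reg[a & 3] = b; g->reg_taint[a & 3] = 0; break;
        case LOAD:  g->reg[a & 3] = g->mem[b]; g->reg_taint[a & 3] = g->mem_taint[b]; break;
        case ADD:   g->reg[a & 3] += g->reg[b & 3]; g->reg_taint[a & 3] |= g->reg_taint[b & 3]; break;
        case STORE: g->mem[b] = g->reg[a & 3]; g->mem_taint[b] = g->reg_taint[a & 3]; break;
        case JMP:   pc = a; break;
        default:    return RUN_FAULT;
        }
    }
    return RUN_FAULT; /* step limit reached */
}

/* Constructed scenario: trusted code at 0 computes 0xFF + 1 = 0x00 (HALT) from an
 * untrusted byte at 0x40, stores it at 0x80, then halts or jumps to 0x80. */
int demo(Guest *g, int jump_to_copy) {
    uint8_t input[1] = { 0xFF };
    uint8_t code[] = { LOADI, 1, 1,  LOAD, 0, 0x40,  ADD, 0, 1,  STORE, 0, 0x80,
                       jump_to_copy ? JMP : HALT, 0x80, 0 };
    memset(g, 0, sizeof *g);
    guest_write(g, 0, code, sizeof code, 0);      /* trusted program */
    guest_write(g, 0x40, input, sizeof input, 1); /* untrusted input */
    return guest_run(g, 0);
}
int main(void) { Guest g; return !(demo(&g, 0) == RUN_OK && demo(&g, 1) == RUN_TAINTED_CODE); }
```

Computing on untrusted data is allowed and only propagates the taint; the violation is raised when tainted bytes are about to be executed, even though the byte at 0x80 was produced by trusted code.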