|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] Re: Regarding Xen security....
On 1/15/07, Anthony Liguori <aliguori@xxxxxxxxxxxxxxxxxx> wrote: David Pilger wrote: > Search for "HVM rootkits", The vast majority of this is, as Keith Adams put its, "quasi-illiterate gibberish." http://x86vmm.blogspot.com/2006/08/blue-pill-is-quasi-illiterate.html Having VT/SVM doesn't really change anything wrt rootkits. Most of what is floating around is FUD. There's nothing you can do today that you couldn't do before VT/SVM. This is true in some manner, it's just that VT/SVM let a rootkit hide itself pretty well from the operating system that it is already attacking. But no doubt it's FUD. At the other end though, Intel invests a lot of efforts in marketing VT as a synonym for security. Regards, Anthony Liguori if your system runs without a hypervisor > and VMX/SVM is enabled in the BIOS then an attacker can gain control > over that layer. But he'll first need to gain control over the > operating system (not so difficult) in order to execute a program with > high privileges. In "VMX root operation" you have total control over > the system (parallel to ring0, one year ago). > > VT-x is intended to provide another ring of security (priviliges), > which lets hypervisors manage unmodified operating systems. > > Right now, if you are not running a hypervisor than it's not secure to > enable VT-x in the BIOS, if you do use some kind of hypervisor, then > the threat is that an attacker will find a security hole in it and > take control over that layer. Right now, there aren't any known > vulnerabilities in software the manage VMX. But I guess that the focus > of malicious people is not exactly at hypervisors. When LaGrande (for > instance) will be a part of any computer, then it will be "benefitial" > to search for vulnerabilities in this layer. > > In summary, there is a risk when no hypervisor occupies the VMX layer > and it is enabled in the BIOS. The only use of this layer by a > malicious program is for properly hiding itself from removal tools. > > Any way, here are some insights: > * If operating systems were secure enough and properly programmed then > VMX was not needed in this regard (to provide security). > * The implementation of VMX is here to take the control of the machine > from a certain operating system, treating an OS just like a "process". > * Its useful for servers that runs virtual machines, this is trivial > use of a hypervisors. > > David. > > > On 1/12/07, Praveen Kushwaha <praveen.kushwaha@xxxxxxxxxxx> wrote: >> >> >> >> Hi Sir, >> >> I have a question regarding the security of Xen. What are >> the >> security threats in with Intel VT-x. >> >> >> >> >> >> Thanks, >> >> Praveen Kushwaha >> >> >> >> _____________________________________________________________________________________________ >> >> >> NEC HCL System Technologies Ltd., 4th Floor, Tower B, Logix Techno Park, >> Noida | Tel: 120 436 6777 Extn 748 >> >> >> >> >> >> >> _______________________________________________ >> Xen-devel mailing list >> Xen-devel@xxxxxxxxxxxxxxxxxxx >> http://lists.xensource.com/xen-devel >> >> >> _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |