enhance protection from security bugs in the xen
play

Enhance protection from security bugs in the Xen hypervisor Anthony - PowerPoint PPT Presentation

Jul 03, 2023 •653 likes •859 views

Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture Dom0 VMs QEMU Xen Scheduler MMU vPIC Memory CPUs I/O HW Emulation in hypervisor For performance Examples: Interrupt controller

  1. Enhance protection from security bugs in the Xen hypervisor Anthony PERARD

  2. Xen architecture Dom0 VMs QEMU Xen Scheduler MMU vPIC Memory CPUs I/O HW

  3. Emulation in hypervisor ● For performance ● Examples: – Interrupt controller – Real mode emulation – Timers

  4. Emulation in hypervisor ● For performance ● Examples: – Interrupt controller – Real mode emulation – Timers ● Have same privilege as the hypervisor

  5. Reduce severity of bugs ● Deprivilege emulator execution ● Different memory space ● User mode

  6. Deprivileged mode ● Prepare page tables for user access

  7. Deprivileged mode ● Prepare page tables for user access ● Emulator code into different section – .hvm_deprivileged_enhancement.text

  8. Deprivileged mode ● Prepare page tables for user access ● Emulator code into different section ● Have context switch: – vmx_ctxt_switch_from() – Save EFER, then allow sysret/syscall – Save registers – Setup new stack for depriv mode – Sysret – Now in user mode, call the function

  9. Deprivileged mode ● Prepare page tables for user access ● Emulator code into different section ● Have context switch ● Jump table for switch statement issue – .rodata

  10. Bad behavior ● What if there is a bug in the emulator? – Access other memory? – Infinite loop? – Other exception?

  11. Bad behavior ● Trap handlers for exception: – Page fault – General exception – ...

  12. Bad behavior ● Trap handlers for exception: – Page fault – General exception – ... → crash domain!

  13. Bad behavior ● Trap handlers for exception: – Page fault – General exception – ... → crash domain! ● Infinit loop? – Watchdog

  14. Bad behavior ● Trap handlers for exception: – Page fault – General exception – ... → crash domain! ● Infinit loop? – Watchdog → crash domain

  15. Syscall from depriv mode ● Do privileged command while in depriv mode

  16. Syscall from depriv mode ● Do privileged command while in depriv mode – Set a number in a register, then syscall

  17. Syscall from depriv mode ● Do privileged command while in depriv mode – Set a number in a register, then syscall ● Problem, syscall use same return path – Have a syscall number for actual return

  18. Conclusion ● Optimisation ● Benchmark ● Do not trust depriv mode ● Work in progress

  19. Conclusion ● Optimisation ● Benchmark ● Do not trust depriv mode ● Work in progress ● Proof-of-concept by Ben Catterall ● Look for “deprivileged mode” in xen-devel archive – http://lists.xen.org/archives/html/xen-devel/

  20. Question? ● Look for “deprivileged mode” in xen-devel archive – http://lists.xen.org/archives/html/xen-devel/

Recommend

Security Bugs in Protocols are Really Bad! Marsh Ray PhoneFactor Protocol Bugs Objectives

Security Bugs in Protocols are Really Bad! Marsh Ray PhoneFactor Protocol Bugs Objectives

Security Bugs in Protocols are Really Bad! Marsh Ray PhoneFactor Protocol Bugs Objectives Discuss the complexities in mitigating security bugs occurring in network protocols. Describe some current issues. Leave time for Q&A.

631 views • 50 slides
Security While protection has been discussed throughout the class kernel vs. user mode,

Security While protection has been discussed throughout the class kernel vs. user mode,

Security While protection has been discussed throughout the class kernel vs. user mode, protected memory, file permissions these mechanisms have generally been focused on protection from accidental misuse (software bugs, novice

463 views • 13 slides
Defect Detection Thomas Zimmermann The First Bug September 9, 1947 More Bugs More Bugs More

Defect Detection Thomas Zimmermann The First Bug September 9, 1947 More Bugs More Bugs More

Defect Detection Thomas Zimmermann The First Bug September 9, 1947 More Bugs More Bugs More Bugs More Bugs More Bugs More Bugs More Bugs More Bugs More Bugs More Bugs More Bugs More Bugs Facts on Debugging Software bugs are

840 views • 63 slides
Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly

Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly

Chapter 20 Silberschatz and Galvin Security Protection and Security Protection is a strictly internal problem Protection: mechanism for controlling the access of programs, processes, or users to the resources defined by a computer

499 views • 16 slides
Outline Bugs! 1 Avoiding and Finding bugs 2 Bugs still happen 3 Why do bugs still happen ?!

Outline Bugs! 1 Avoiding and Finding bugs 2 Bugs still happen 3 Why do bugs still happen ?!

Failure is not an option * A journey through software bugs Philippe Biondi Nov 20 th 2015 / GreHack Failure is not an option * Outline Bugs! 1 Avoiding and Finding bugs 2 Bugs still happen 3 Why do bugs still happen ?! 4 Living with bugs

966 views • 63 slides
Finding Bugs Last time Run-time reordering transformations Today Program Analysis for

Finding Bugs Last time Run-time reordering transformations Today Program Analysis for

Finding Bugs Last time Run-time reordering transformations Today Program Analysis for finding bugs, especially security bugs problem specification motivation approaches remaining issues CS553 Lecture Finding Bugs 2

461 views • 8 slides
Whitebox Fuzzing David Molnar Microsoft Research Problem: Security Bugs in File Parsers Hundreds

Whitebox Fuzzing David Molnar Microsoft Research Problem: Security Bugs in File Parsers Hundreds

Whitebox Fuzzing David Molnar Microsoft Research Problem: Security Bugs in File Parsers Hundreds of file formats are supported in Windows, Office, et al. Many written in C/C++ Programming errors security bugs! Random choice of x: one

493 views • 35 slides
Security 101 Definition of Information Security Information security is the protection of

Security 101 Definition of Information Security Information security is the protection of

Computing Services Information Security Office Security 101 Definition of Information Security Information security is the protection of information and systems from unauthorized access, disclosure, modification, destruction or disruption. The

469 views • 22 slides
Preventing Security Bugs Through Software Design Christoph Kern, Google xtof@google.com The

Preventing Security Bugs Through Software Design Christoph Kern, Google xtof@google.com The

Preventing Security Bugs Through Software Design Christoph Kern, Google xtof@google.com The Same Bugs, Over and Over Again... SQL-injection, XSS, XSRF, etc -- OWASP Top 10 Root cause Inherently bug-prone APIs Developers are

313 views • 28 slides
Design, Privilege Separation CS 161: Computer Security Prof. David Wagner January 27, 2016

Design, Privilege Separation CS 161: Computer Security Prof. David Wagner January 27, 2016

Software Security: Design, Privilege Separation CS 161: Computer Security Prof. David Wagner January 27, 2016 Robustness Security bugs are a fact of life How can we use access control to improve the security of software, so security bugs

695 views • 32 slides
Protection & Security Threat is potential security violation Attack is attempt to

Protection & Security Threat is potential security violation Attack is attempt to

CSE 421/521 - Operating Systems The Security Problem Fall 2011 Protecting your system resources, your files, identity, confidentiality, or privacy Lecture - XXVI Intruders (crackers) attempt to breach security Protection &

437 views • 5 slides
THE DEVELOPMENT OF STRATEGIES TO MAINTAIN AND ENHANCE THE PROTECTION OF ECOSYSTEM SERVICES IN

THE DEVELOPMENT OF STRATEGIES TO MAINTAIN AND ENHANCE THE PROTECTION OF ECOSYSTEM SERVICES IN

The Biodiversity Resource Mobilisation (ResMob) project of the Ministry of Environment and Tourism (MET), in partnership with GiZ TEEB COUNTRY STUDY: THE DEVELOPMENT OF STRATEGIES TO MAINTAIN AND ENHANCE THE PROTECTION OF ECOSYSTEM SERVICES IN

589 views • 39 slides
Protection and Security Threat is potential security violation Attack is attempt to breach

Protection and Security Threat is potential security violation Attack is attempt to breach

CSC 4103 - Operating Systems The Security Problem Spring 2007 Security must consider external environment of the system, and protect the system resources Lecture - XX Intruders (crackers) attempt to breach security Protection and

195 views • 4 slides
Enhance your guest experience. Partnered with: Rooam provides added protection against

Enhance your guest experience. Partnered with: Rooam provides added protection against

Enhance your guest experience. Partnered with: Rooam provides added protection against fraudulent transactions and provides our restaurants with a faster and more secure payment process. Using Rooams solution gives my stafg and me more

301 views • 12 slides
Race Conditions A common cause of security bugs Usually involve multiprogramming or

Race Conditions A common cause of security bugs Usually involve multiprogramming or

Race Conditions A common cause of security bugs Usually involve multiprogramming or multithreaded programs Caused by different threads of control operating in unpredictable fashion When programmer thought theyd work in a

649 views • 21 slides
Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison

Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison

Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison Qiushi Wu , Yang He, Stephen McCamant, and Kangjie Lu 1 Why do we need to identify security bugs? 2 Motivation The overwhelming number of bugs

1.12k views • 66 slides
BED BUGS HOW TO HELP SOLVE THE PROBLEM WHAT ARE BED BUGS? Bed bugs are parasites that feed on

BED BUGS HOW TO HELP SOLVE THE PROBLEM WHAT ARE BED BUGS? Bed bugs are parasites that feed on

BED BUGS HOW TO HELP SOLVE THE PROBLEM WHAT ARE BED BUGS? Bed bugs are parasites that feed on blood They are reddish-brown in colour An adult bed bug is approximately the size of an apple seed An egg is approximately the size of a

163 views • 15 slides
Security 1 Recap: Protection Protection Prevent unintended/unauthorized accesses

Security 1 Recap: Protection Protection Prevent unintended/unauthorized accesses

Security 1 Recap: Protection Protection Prevent unintended/unauthorized accesses Protection domains Class hierarchy: root can to everything a normal user can do + alpha Access control matrix Domains (Users)

575 views • 24 slides
Serialization Bugs About Me Rohit Salecha Senior Security Consultant @ NotSoSecure 7+ yrs

Serialization Bugs About Me Rohit Salecha Senior Security Consultant @ NotSoSecure 7+ yrs

Serialization Bugs About Me Rohit Salecha Senior Security Consultant @ NotSoSecure 7+ yrs of Corporate Experience Pentesting (Web, Mobile, Infra) and Development in Java Trainer : AppSec for Developers, Basic Web Hacking @

535 views • 28 slides
Outline OS security: protection and isolation CSci 5271 OS security: authentication

Outline OS security: protection and isolation CSci 5271 OS security: authentication

Outline OS security: protection and isolation CSci 5271 OS security: authentication Introduction to Computer Security Announcements intermission Day 9: OS security basics Stephen McCamant Basics of access control University of Minnesota,

269 views • 8 slides
Outline Operating System Security Introduction CS 239 Memory protection

Outline Operating System Security Introduction CS 239 Memory protection

Outline Operating System Security Introduction CS 239 Memory protection Interprocess communications protection Security for Networks and File protection System Software Authentication May 20, 2002 Lecture 13 Lecture

348 views • 12 slides
A Brief Intro to Security December 5th, 2013 What is Computer Security? The protection

A Brief Intro to Security December 5th, 2013 What is Computer Security? The protection

A Brief Intro to Security December 5th, 2013 What is Computer Security? The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and

296 views • 14 slides
Urban Water Security Research Alliance Urban Creeks in SEQ - can bugs live anywhere? Role of

Urban Water Security Research Alliance Urban Creeks in SEQ - can bugs live anywhere? Role of

Urban Water Security Research Alliance Urban Creeks in SEQ - can bugs live anywhere? Role of habitat and hydrology Fran Sheldon Stormwater Harvesting and Ecohydrology Science Forum, 19-20 June 2012 CONCEPTUAL MODEL Urbanisation Changed

373 views • 20 slides
CS412 Software Security Software Bugs Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Software Bugs Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Software Bugs Mathias Payer EPFL, Spring 2019 Mathias Payer CS412 Software Security From Software Bugs to Attack Primitives Attack primitives are exploit building blocks Software bugs map to attack primitives , i.e.,

512 views • 23 slides

More recommend