QEMU for Xen secure by default Deprivileging the PC system emulator - PowerPoint PPT Presentation

Nov 24, 2022 •45 likes •115 views

QEMU for Xen secure by default Deprivileging the PC system emulator Ian Jackson <ian.jackson@eu.citrix.com> FOSDEM 2016 with assistance from Stefano Stabellini guest guest Xen PV driver IDE driver Xen PV protocol mmio, dma, etc.

QEMU for Xen secure by default Deprivileging the PC system emulator Ian Jackson <ian.jackson@eu.citrix.com> FOSDEM 2016 with assistance from Stefano Stabellini
guest guest Xen PV driver IDE driver Xen PV protocol mmio, dma, etc. qemu Emulated IDE controller Xen PV backend (usually), syscalls (usually) dom0 (usu.dom0) kernel Device driver kernel Device driver PV HVM
... ... ... ... ... http://xenbits.xen.org/xsa/ from Xen Security Team advisories page,
Xen on x86 modes, and device model bug implications Current status for users of upstream Xen and distros and future plans Status Device model Notes bugs mean PV Fully supported Safe (no DM) Only modified guests HVM qemu in dom0 Fully supported Vulnerable Current default as root HVM qemu stub DM Upstream but not Safe Ancient qemu qemu-xen-trad. in most distros. Build system problems HVM qemu stub DM In progress Safe Rump build system rump kernel Hard work! is mini distro Targeting HVM qemu dom0 No privilege esc. Defence in depth Xen 4.7 not as root Maybe dom0 DoS Hopefully, will be default
Xen on x86 modes, and device model bug implications Current status for users of upstream Xen and distros and future plans Status Device model Notes bugs mean PV Fully supported Safe (no DM) Only modified guests HVM qemu in dom0 Fully supported Vulnerable Current default as root HVM qemu stub DM Upstream but not Safe Ancient qemu qemu-xen-trad. in most distros. Build system problems HVM qemu stub DM In progress Safe Rump build system rump kernel Hard work! is mini distro Targeting HVM qemu dom0 No privilege esc. Defence in depth Xen 4.7 not as root Maybe dom0 DoS Hopefully, will be default
qemu device model process guest dom0 kernel guest "dma" domain mmio handling net, storage control ioport handling etc. access interrupts underlying Xen disk, network, etc.
Xen on x86 modes, and device model bug implications Current status for users of upstream Xen and distros and future plans Status Device model Notes bugs mean PV Fully supported Safe (no DM) Only modified guests HVM qemu in dom0 Fully supported Vulnerable Current default as root HVM qemu stub DM Upstream but not Safe Ancient qemu qemu-xen-trad. in most distros. Build system problems HVM qemu stub DM In progress Safe Rump build system rump kernel Hard work! is mini distro Targeting HVM qemu dom0 No privilege esc. Defence in depth Xen 4.7 not as root Maybe dom0 DoS Hopefully, will be default

Recommend

QEMU 2.0 and Beyond CloudOpen 2013 Anthony Liguori <anthony@codemonkey.ws> About QEMU

QEMU 2.0 and Beyond CloudOpen 2013 Anthony Liguori <anthony@codemonkey.ws> About QEMU is a fast full system simulator and virtualization engine QEMU is Open Source hardware emulation KVM Xen Android SDK (fork)

431 views • 22 slides

Merging QEMU-DM upstream Taking the '-dm' out of qemu-dm Anthony Liguori aliguori@us.ibm.com

Merging QEMU-DM upstream Taking the '-dm' out of qemu-dm Anthony Liguori aliguori@us.ibm.com IBM Linux Technology Center XenSummit April 16th, 2007 Linux is a registered trademark of Linus Torvalds. What's qemu-dm? HVM device

430 views • 13 slides

QEMU internal APIs How abstractions inside QEMU (don't) work together Eduardo Habkost

QEMU internal APIs How abstractions inside QEMU (don't) work together Eduardo Habkost <ehabkost@redhat.com> 1 Contents Context: QEMU features and interfaces Overview of some internal QEMU APIs Interaction between different abstractions

899 views • 70 slides

Secure by Default Web Applications With Apache Sling Robert Munteanu, Adobe Systems ApacheCon

Secure by Default Web Applications With Apache Sling Secure by Default Web Applications With Apache Sling Robert Munteanu, Adobe Systems ApacheCon Core 2016 http://robert.muntea.nu @rombert Who I am $DAYJOB Open Source Adobe

610 views • 40 slides

Towards a more expressive and introspectable QEMU command line Markus Armbruster

Towards a more expressive and introspectable QEMU command line Markus Armbruster <armbru@redhat.com> KVM Forum 2017 Part I Things we want from the command line A simple example You could run QEMU like this: $ qemu -s -machine

953 views • 83 slides

Improving the QEMU Event Loop Fam Zheng Red Hat KVM Forum 2015 Agenda The event loops in

Improving the QEMU Event Loop Fam Zheng Red Hat KVM Forum 2015 Agenda The event loops in QEMU Challenges Consistency Scalability Correctness The event loops in QEMU QEMU from a mile away Main loop from 10 meters The

523 views • 35 slides

io_uring in QEMU: high-performance disk IO for Linux FOSDEM 2020 Julia Suvorova, Red Hat

io_uring in QEMU: high-performance disk IO for Linux FOSDEM 2020 Julia Suvorova, Red Hat Software Engineer 1 Agenda What well discuss today io_uring API QEMU structure Features of io_uring and how they helped QEMU Benchmarks What

634 views • 20 slides

CSE484/CSE584 SECURE DESIGN PRINCIPLES, OS, AND RUNTIME SECURITY Dr. Benjamin Livshits Some of

CSE484/CSE584 SECURE DESIGN PRINCIPLES, OS, AND RUNTIME SECURITY Dr. Benjamin Livshits Some of f the Common Principles Minimize attack Secure by surface area Default Principle of Fail-Safe Least Stance Privilege Secure the

975 views • 56 slides

Secure by default Anti-exploit techniques and hardenings in SUSE products Johannes Segitz SUSE

Secure by default Anti-exploit techniques and hardenings in SUSE products Johannes Segitz SUSE Security Team 2019-04-02/04 1 of 46 Who am I? Johannes Segitz, security engineer (Nuremberg, Germany) Code review Product pentesting 2 of

1.49k views • 122 slides

QEMU Support for the RISC-V Instruction Set Architecture Sagar Karandikar

QEMU Support for the RISC-V Instruction Set Architecture Sagar Karandikar sagark@eecs.berkeley.edu KVM Forum 2016 https://github.com/riscv/riscv-qemu Outline Why RISC-V? Benefits of an Open ISA RISC-V ISA Basics Virtualization

536 views • 42 slides

Testing QEMU emulated devices using qtest Marc Mar Barcel <marc.mari.barcelo@gmail.com>

Testing QEMU emulated devices using qtest Marc Mar Barcel <marc.mari.barcelo@gmail.com> KVM Forum 2014 Marc Mar Testing QEMU emulated devices using qtest 2 Who am I? Computer Science student Worked on QEMU in GSoC project

597 views • 44 slides

Converging QEMU and TCMU for Container Storage Huamin Chen Red Hat @root_fs

Converging QEMU and TCMU for Container Storage Huamin Chen Red Hat @root_fs https://github.com/rootfs https://huaminchen.wordpress.com/ Agenda Background Collaboration with Andy Grover (TCMU) and Fem Zheng (QEMU) Scope

2.75k views • 14 slides

Backing Chain Management in libvirt and qemu Eric Blake <eblake@redhat.com> KVM Forum,

Backing Chain Management in libvirt and qemu Eric Blake <eblake@redhat.com> KVM Forum, August 2015 In this presentation How does the qcow2 format track point-in-time snapshots What are the qemu building blocks for managing backing

1.6k views • 101 slides

Evaluating storage APIs for QEMU Anthony Liguori aliguori@us.ibm.com Open Virtualization

Evaluating storage APIs for QEMU Anthony Liguori aliguori@us.ibm.com Open Virtualization IBM Linux Technology Center Linux Plumbers Conference 2009 Linux is a registered trademark of Linus Torvalds. The V-Word QEMU is used by Xen and

777 views • 52 slides

Live Block Device Operations in QEMU Kashyap Chamarthy <kashyap@redhat.com> FOSDEM 2018

Live Block Device Operations in QEMU Kashyap Chamarthy <kashyap@redhat.com> FOSDEM 2018 Brussels 1 / 34 Part I Background 2 / 34 KVM / QEMU virtualization components OpenStack libguestfs Compute (Nova) KubeVirt guestfish ( Virt

696 views • 54 slides

An Updated Overview of the QEMU Storage Stack Stefan Hajnoczi stefanha@linux.vnet.ibm.com

An Updated Overview of the QEMU Storage Stack Stefan Hajnoczi stefanha@linux.vnet.ibm.com Open Virtualization IBM Linux Technology Center 2011 Linux is a registered trademark of Linus Torvalds. The topic What is the QEMU storage

408 views • 26 slides

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research & Boston University y Michael Schapira

701 views • 54 slides

QEMU Community Growth Through Open Source Internships Stefan Hajnoczi <stefanha@redhat.com>

QEMU Community Growth Through Open Source Internships Stefan Hajnoczi <stefanha@redhat.com> KVM Forum 2016 Why? QEMU participates in 2 open source internship programs 6 years of participation Many community members involved as

482 views • 19 slides

Qemu code fault automatic discovery with symbolic search Paul Marinescu, Cristian Cadar, Chunjie

Qemu code fault automatic discovery with symbolic search Paul Marinescu, Cristian Cadar, Chunjie Zhu, Philippe Gabriel Goals of this presentation Introduction of KLEE (symbolic execution tool) Qemu fault/patch retrospective Understand

283 views • 13 slides

Securing secure boot with System Management Mode Paolo Bonzini Red Hat, Inc. KVM Forum 2015

Securing secure boot with System Management Mode Paolo Bonzini Red Hat, Inc. KVM Forum 2015 Outline UEFI overview Secure boot and SMM Chipset support: QEMU Hypervisor support: KVM Paolo Bonzini KVM Forum 2015 What is UEFI?

591 views • 29 slides

Rump kernel based QEMU stubdomain Wei Liu Seattle August 17-18, 2015 Agenda Xen 4.6

Rump kernel based QEMU stubdomain Wei Liu Seattle August 17-18, 2015 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Agenda Background Introduction to rump kernel Why rump kernel What are required for QEMU

534 views • 15 slides

IS THE LINUX DESKTOP LESS SECURE THAN WINDOWS 10? OR HOW SUPER MARIO MUSIC CAN OWN YOUR SYSTEM.

IS THE LINUX DESKTOP LESS SECURE THAN WINDOWS 10? OR HOW SUPER MARIO MUSIC CAN OWN YOUR SYSTEM. Hanno Bck https://hboeck.de 1 This was too easy . It should not be possible to find a serious memory corruption vulnerability in the default

577 views • 31 slides

Credit Default Swaps Pamela Heijmans Matthew Hays Adoito Haroon Credit Default Swaps

Credit Default Swaps Pamela Heijmans Matthew Hays Adoito Haroon Credit Default Swaps Definition A credit default swap (CDS) is a kind of insurance against credit risk Privately negotiated bilateral contract Reference Obligation,

1.11k views • 42 slides

Virtualization with KVM/QEMU Report: Veit Hoehn (hoehn@cip.ifi.lmu.de) The Task: Set up virtual

The Bioinformatics Lab SS2011 May 23, 2011 Virtualization with KVM/QEMU Report: Veit Hoehn (hoehn@cip.ifi.lmu.de) The Task: Set up virtual machine on Server Virtualization with KVM/QEMU 2 1. Creating the virtual machine Connect to server

473 views • 9 slides