virtual machine introspection with xen on arm

8

Virtual Machine Introspection with Xen on ARM Tamas K. Lengyel @tklengyel [email protected]

Upload: tamas-k-lengyel

Post on 19-Jul-2015

869 views

Category:

Software

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: Virtual Machine Introspection with Xen on ARM

Virtual Machine Introspection with Xen on ARMTamas K. Lengyel@[email protected]

Page 2: Virtual Machine Introspection with Xen on ARM

Virtual Machine Introspection

1. Why?2. What is needed?

a. Isolationb. Interpretationc. Interposition

3. Current status

Page 3: Virtual Machine Introspection with Xen on ARM

Why?

● Traditional defense mechanisms don’t integrate well into virtual environments

● Mobile (ARM) platform is rapidly growing● Starting with Cortex-A15 virtualization

extensions are available in hardware● Xen on ARM available since March 2014

Page 4: Virtual Machine Introspection with Xen on ARM

Isolation

Xen Security Modules on ARM● Will be available in 4.5● Allows for advanced

disaggregation● Security domain separate

from the TCB

Page 5: Virtual Machine Introspection with Xen on ARM

Interpretation

Reconstruct guest OS state information● LibVMI purpose built for this task● ARM paging support added in November, 2014● Detect running processes, modules, files,

users etc. in the guest

Page 6: Virtual Machine Introspection with Xen on ARM

Interposition - WiP

Step into the execution of the guest when something of interest happens● Requires hardware & VMM support● ARM two-stage address translation● Configure paging to trap memory accesses● VMM trap handlers need to forward the

events to the security domain

Page 7: Virtual Machine Introspection with Xen on ARM

Patches merged to Xen 4.5

Page 8: Virtual Machine Introspection with Xen on ARM

Interposition - WiP

● Cleanup of Xen MEM_EVENT subsystem● Xen on ARM trap handlers need performance

regression testing● More research needed into ARM hardware

support for event trapping!● SMC is good but limited to the guest kernel

Xen Community Update · Xen Community Update Ian Pratt Chairman of Xen.org and SVP Products at Bromium 1 . ... –Memory Introspection API –CPU Pools for partitioning –Very large

Heterogeneous Realtime Software Architecture · Introduction ˃Stefano Stabellini Xen Project: ‒Founder of the Xen on Arm effort in late 2011 ‒Xen on ARM Maintainer and Committer,

XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, Galois

Secure Xen on ARM: Status and Driver Domain Separation

XPDS14 - Xen on ARM: Status and Performance - Stefano Stabellini, Citrix

Xen on ARM - Linux Plumbers Conference

Zero footprint guest memory introspection from xen

Bringing Commercial Grade Virtual Machine Introspection to KVM€¦ · top of Xen 3.1 • 2008 – VMsafe API announced by VMware, which provides access to a guest’s: CPU, memory,

Xen Beginners Guide - Xen

Porting FreeBSD on Xen on ARM - How to support your OS as Xen

Xen on ARM: status and performance

energy.rajasthan.gov.inenergy.rajasthan.gov.in/content/dam/raj/energy...Khan Sh. Praveen Parihar Desig. XEN XEN XEN XEN XEN XEN XEN XEN XEN XEN XEN XEN XEN XEN XEN AEN AEN AEN AEN

LAS16-309: Server Ecosystem: Xen on ARM, from Big Iron to IoT & LuaJIT status on Aarch64

XenSummit NA 2012: Xen on ARM Cortex A15

LCU14 308- Overview of Xen for ARM Servers

LCA13: Xen on ARM

Efficient VM Introspection in KVM and Performance Comparison with Xen Kenichi Kourai Kousuke Nakamura Kyushu Institute of Technology

ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Stabellini, Citrix

Minimizing I/O Latency in Xen-ARM

Heterogeneous Realtime Software Architecture...Xen Project: ‒Founder of the Xen on Arm effort in late 2011 ‒Xen on ARM Maintainer and Committer, Linux Maintainer ‒Develops Xen

SBSA UART Emulation in Xen on 64-bit ARM Server …schd.ws/hosted_files/xendeveloperanddesignsummit2017/26...SBSA UART Emulation in Xen on 64-bit ARM Server Processor Bhupinder Thakur

PCI Passthrough and ITS Support in Xen / ARM :Xen Dev Summit 2015 Presentation

ARM, Xen, Servers and Evolution of the Data Center · HyperVisors at Hyperscale | Xen User Summit 2013 1 ® Hypervisors at Hyperscale ARM, Xen, Servers and Evolution of the Data Center

Virtual Machine Introspection with Xen

XPDS13: Performance Evaluation of Live Migration based on Xen ARM PVH - Jaeyong Yoo, Samsung

XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bitdefender and Ravi Sahita, Intel

Xen on ARM - LinuxTag

Zero-Footprint Guest Memory Introspection from Xen · o Built on top of Xen 3.1 • 2008 –VMsafe API announced by VMware, which provides access to a guest’s: o CPU, memory, disk,

Deterministic Systems Analysisaburtsev/doc/xen-tt-dissertation-2013.pdf · implements a powerful virtual machine introspection layer that enables an analysis algo-rithm to be programmed

ARM Architecture-based System Virtualization: Xen ARM open ......TcS1 TcS2 TcS3 Test Cases Test Environment Secure Xenon ARM Domain0 (IDD) Domain1 Linux kernel v2.6.21 I/O ACM Linux

Secure Xen on ARM User's Guide

XPDDS17: Xen-lite for ARM: Adapting Xen for a Samsung Exynos MicroServer with Hybrid FPGA IO Acceleration - Julian Chesterfield, OnApp

Secure Xen on ARM xen-summit-April 07 · Presented at Xen Summit Spring 2007, IBM TJ Watson. 2 SW Laboratories, CTO, Samsung Electronics ... Apps. & Services CPU > 500 MIPS CPU >

10 Years of Xen and beyond - LinuxTag€¦ · 10 Years of Xen and beyond … @lars_kurth FREENODE: lars_kurth •Teams aka sub-projects –Hypervisor –XAPI –ARM Hypervisor (for