SlideShare a Scribd company logo

Securing your cloud with Xen's advanced security features

The Linux Foundation
The Linux Foundation

Xen is a mature enterprise-grade virtual machine with many advanced security features which are unique to Xen. For this reason it's the hypervisor of choice for the NSA, the DoD, and the new QubesOS Secure Desktop project. However, while much of the security of Xen is inherent in its design, many of the advanced security features, such as stub domains, driver domains, XSM, and so on are not enabled by default. This session will describe all of the advanced security features of Xen, and the best way to configure them for the Cloud environment.

Technology
1 of 28
Download to read offline
Intro Network path Bootloader Device model Xen Conclusion Securing your cloud with Xen’s advanced security features George Dunlap Brussels – February 2-3, 2013
Intro Network path Bootloader Device model Xen Conclusion Intro Xen is an enterprise-grade Type I hypervisor Built for the Cloud before it was called the Cloud A number of advanced security features Driver domains, stub domains, FLASK, &c Most of them aren’t or can’t be turned on by default Although simple to use, sometimes seem complicated Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 2 / 28
Intro Network path Bootloader Device model Xen Conclusion Goal Tools to think about security in Xen Know some key security features of Xen Equipped with the knowledge to get them working Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 3 / 28
Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces and Xen features we can use to mitigate them Driver domains pvgrub stub domains PV vs HVM FLASK example policy Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 4 / 28
Intro Network path Bootloader Device model Xen Conclusion Xen Architecture dom 0 device model (qemu) toolstack Paravirtualized Fully (PV) Virtualized Domain (HVM) Hardware netback netfront Domain Drivers blkback blkfront Xen Hypervisor I/O Devices CPU Memory Hardware Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 5 / 28
Intro Network path Bootloader Device model Xen Conclusion Security Overview Threat Model Attacker can access network Attacker controls one guest OS Security considerations How much code is accessible? What is the interface like? (e.g., pointers vs scalars) Defense-in-depth Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 6 / 28
Intro Network path Bootloader Device model Xen Conclusion Example System Hardware setup Two networks: control network, guest network IOMMU with interrupt remapping (AMD or Intel VT-d v2) Default configuration Network drivers in dom0 PV guests with pygrub HVM guests with qemu running in domain 0 Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 7 / 28
Intro Network path Bootloader Device model Xen Conclusion Attack surface: Network path dom 0 toolstack Domain netfront iptables bridge Rogue Domain NIC netback netfront Driver Xen Hypervisor Control NIC Guest NIC Hardware How to break in? Bugs in hardware driver Bugs in bridging / filtering Bugs in netback via the ring protocol Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 8 / 28
Intro Network path Bootloader Device model Xen Conclusion Attack surface: Network path dom 0 toolstack Domain netfront iptables bridge Rogue Domain NIC netback netfront Driver Xen Hypervisor Control NIC Guest NIC Hardware What does it buy you? Control of domain 0 kernel Pretty much control of the whole system Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 9 / 28
Intro Network path Bootloader Device model Xen Conclusion Security feature: Driver Domains dom 0 Domain toolstack netfront Driver Domain iptables bridge Rogue Domain NIC netfront NIC netback Driver Driver Xen Hypervisor Control NIC Guest NIC Hardware What is it? Unprivileged VM which drives hardware, provides access to guests Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 10 / 28
Intro Network path Bootloader Device model Xen Conclusion Security feature: Driver Domains dom 0 Domain toolstack netfront Driver Domain iptables bridge Rogue Domain NIC netfront NIC netback Driver Driver Xen Hypervisor Control NIC Guest NIC Hardware Now an exploit buys you: Control of a PV VM (PV hypercall interface) Guest network traffic Control of NIC Opportunity to attack netfront of other guests Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 11 / 28
Intro Network path Bootloader Device model Xen Conclusion HowTo: Driver Domains Create a VM with appropriate drivers Any distro supporting dom0 should do Install the xen-related hotplug scripts Just installing the xen tools in the VM is usually good enough Give the VM access to the physical NIC with PCI pass-through Configure the network topology in the driver domain Just like you would for dom0 Configure the guest vif to use the new domain ID Add backend=domnet to vif declaration vif = [ ’type=pv, bridge=xenbr0, backend=domnet’ ] http://wiki.xen.org/wiki/Driver Domain Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 12 / 28
Intro Network path Bootloader Device model Xen Conclusion Attack surface: Pygrub dom 0 toolstack domain builder Paravirtualized pygrub (PV) Domain guest disk Xen Hypervisor What is it? grub implementation for PV guests Python program running in domain 0 Reads guest FS, parses grub.conf, presents menu Passes resulting kernel image to domain builder Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 13 / 28
Intro Network path Bootloader Device model Xen Conclusion Attack surface: Pygrub dom 0 toolstack domain builder Paravirtualized pygrub (PV) Domain guest disk Xen Hypervisor How to break in? Bugs in file system parser Bugs in menu parser Bugs in domain builder Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 14 / 28
Intro Network path Bootloader Device model Xen Conclusion Attack surface: Pygrub dom 0 toolstack domain builder Paravirtualized pygrub (PV) Domain kernel guest disk Xen Hypervisor What does it buy you? Control of domain 0 user space Pretty much control of the whole system Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 15 / 28
Intro Network path Bootloader Device model Xen Conclusion Security practice: Fixed kernels dom 0 toolstack kernel domain image builder Paravirtualized (PV) Domain guest disk Xen Hypervisor What is it? Passing a known-good kernel from domain 0 Removes attacker avenue to domain builder Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 16 / 28
Intro Network path Bootloader Device model Xen Conclusion Security practice: Fixed kernels dom 0 toolstack kernel domain image builder Paravirtualized (PV) Domain guest disk Xen Hypervisor Disadvantages Host admin must keep up with kernel updates Guest admin can’t pass kernel parameters, custom kernels, Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 17 / 28
Intro Network path Bootloader Device model Xen Conclusion Security feature: pvgrub dom 0 toolstack domain builder pvgrub MiniOS guest disk Xen Hypervisor What is it? MiniOS + pv port of grub running in a guest context PV equivalent of HVM “BIOS + grub” Now an exploit buys you: Control of your own VM Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 18 / 28
Intro Network path Bootloader Device model Xen Conclusion HowTo: pvgrub Make sure that you have the pvgrub image pvgrub-$ARCH.gz Normally lives in /usr/lib/xen/boot Included in Fedora Xen packages Debian-based: need to build yourself Use appropriate pvgrub as bootloader in guest config kernel="/usr/lib/xen/boot/pvgrub-x86_32.gz" http://wiki.xen.org/wiki/Pvgrub Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 19 / 28
Intro Network path Bootloader Device model Xen Conclusion Attack surface: Device model (qemu) How to break in? Bugs in NIC emulator parsing packets Bugs in emulation of virtual devices What does it buy you? Domain 0 privileged userspace Pretty much control of the whole system Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 20 / 28
Intro Network path Bootloader Device model Xen Conclusion Security feature: qemu stub domains What is it? Stub domain: a small “service” domain running just one application qemu stub domain: run each qemu in its own domain Now an exploit buys you: Control of the stubom VM ...which we assume you control Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 21 / 28
Intro Network path Bootloader Device model Xen Conclusion HowTo: qemu stub domains Make sure that you have the pvgrub image: ioemu-$ARCH.gz Normally lives in /usr/lib/xen/boot Included in Fedora Xen packages Debian-based: need to build yourself Specify stub domains in your guest config device_model_stubdomain_override = 1 http://wiki.xen.org/wiki/Device Model Stub Domains Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 22 / 28
Intro Network path Bootloader Device model Xen Conclusion Attack Surface: Xen PV guests PV Hypercalls HVM guests HVM hypercalls (Subset of PV hypercalls) Instruction emulation (MMIO, shadow pagetables) Emulated platform devices: APIC, HPET, PIT Nested virtualization Security practice: Use PV VMs Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 23 / 28
Intro Network path Bootloader Device model Xen Conclusion Security feature: FLASK example policy What is FLASK? Xen Security Module (XSM): Xen equivalent of LSM FLASK: Framework for XSM developed by NSA Xen Equivalent of SELinux Uses same concepts, tools as SELinux Allows a policy to restrict hypercalls What can FLASK do? Basic: Restricts hypercalls to those needed by a particular guest Advanced: Allows more fine-grained granting of privileges FLASK example policy This contains example roles for dom0, domU, stub domains, driver domains, &c Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 24 / 28
Intro Network path Bootloader Device model Xen Conclusion HowTo: Use the example FLASK policy Build Xen with XSM enabled Build the example policy Add the appropriate label to guest config files seclabel=[foo] stubdom label=[foo] WARNING: In 4.2, the example policy not extensively tested. Use with care! http://wiki.xen.org/wiki/Xen Security Modules : XSM- FLASK Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 25 / 28
Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces and Xen features we can use to mitigate them Driver domains pvgrub stub domains PV vs HVM Experimental: Example policy for FLASK Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 26 / 28
Intro Network path Bootloader Device model Xen Conclusion Goal Tools to think about security in Xen Know some key security features of Xen Equipped with the knowledge to get them working Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 27 / 28
Intro Network path Bootloader Device model Xen Conclusion Questions Questions? More info at http://wiki.xen.org/wiki/Securing Xen Check out our blog: http://blog.xen.org/ Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 28 / 28

Recommended

Hypervisor seminar
Hypervisor seminarHypervisor seminar
Hypervisor seminar용환 노
 
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...Stefano Stabellini
 
Xen in Safety-Critical Systems - Critical Summit 2022
Xen in Safety-Critical Systems - Critical Summit 2022Xen in Safety-Critical Systems - Critical Summit 2022
Xen in Safety-Critical Systems - Critical Summit 2022Stefano Stabellini
 
ELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedStefano Stabellini
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training The Linux Foundation
 
Xen Debugging
Xen DebuggingXen Debugging
Xen DebuggingThe Linux Foundation
 
ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)The Linux Foundation
 
Linux PV on HVM
Linux PV on HVMLinux PV on HVM
Linux PV on HVMThe Linux Foundation
 

Recommended

Hypervisor seminar
Hypervisor seminarHypervisor seminar
Hypervisor seminar용환 노
 
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...
Static Partitioning with Xen, LinuxRT, and Zephyr: A Concrete End-to-end Exam...Stefano Stabellini
 
Xen in Safety-Critical Systems - Critical Summit 2022
Xen in Safety-Critical Systems - Critical Summit 2022Xen in Safety-Critical Systems - Critical Summit 2022
Xen in Safety-Critical Systems - Critical Summit 2022Stefano Stabellini
 
ELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedStefano Stabellini
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training The Linux Foundation
 
Xen Debugging
Xen DebuggingXen Debugging
Xen DebuggingThe Linux Foundation
 
ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)The Linux Foundation
 
Linux PV on HVM
Linux PV on HVMLinux PV on HVM
Linux PV on HVMThe Linux Foundation
 
System Device Tree and Lopper: Concrete Examples - ELC NA 2022
System Device Tree and Lopper: Concrete Examples - ELC NA 2022System Device Tree and Lopper: Concrete Examples - ELC NA 2022
System Device Tree and Lopper: Concrete Examples - ELC NA 2022Stefano Stabellini
 
Server virtualization by VMWare
Server virtualization by VMWareServer virtualization by VMWare
Server virtualization by VMWaresgurnam73
 
Installing Aix
Installing AixInstalling Aix
Installing AixFrederick James Rathweg
 
VMware vSphere technical presentation
VMware vSphere technical presentationVMware vSphere technical presentation
VMware vSphere technical presentationaleyeldean
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVMHypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVMvwchu
 
Xen on ARM for embedded and IoT: from secure containers to dom0less systems
Xen on ARM for embedded and IoT: from secure containers to dom0less systemsXen on ARM for embedded and IoT: from secure containers to dom0less systems
Xen on ARM for embedded and IoT: from secure containers to dom0less systemsStefano Stabellini
 
Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Stefano Stabellini
 
VMware vSphere Performance Troubleshooting
VMware vSphere Performance TroubleshootingVMware vSphere Performance Troubleshooting
VMware vSphere Performance TroubleshootingDan Brinkmann
 
Hypervisors
HypervisorsHypervisors
HypervisorsInzemamul Haque
 
Introduction to Hyper-V
Introduction to Hyper-VIntroduction to Hyper-V
Introduction to Hyper-VMark Wilson
 
Design and Concepts of Android Graphics
Design and Concepts of Android GraphicsDesign and Concepts of Android Graphics
Design and Concepts of Android GraphicsNational Cheng Kung University
 
Virtual Infrastructure Overview
Virtual Infrastructure OverviewVirtual Infrastructure Overview
Virtual Infrastructure Overviewvalerian_ceaus
 
Paravirtualization
ParavirtualizationParavirtualization
ParavirtualizationShahbaz Sidhu
 
Xen Hypervisor
Xen HypervisorXen Hypervisor
Xen HypervisorSusheel Thakur
 
Esxi troubleshooting
Esxi troubleshootingEsxi troubleshooting
Esxi troubleshootingOvi Chis
 
malloc & vmalloc in Linux
malloc & vmalloc in Linuxmalloc & vmalloc in Linux
malloc & vmalloc in LinuxAdrian Huang
 
Fosdem 18: Securing embedded Systems using Virtualization
Fosdem 18: Securing embedded Systems using VirtualizationFosdem 18: Securing embedded Systems using Virtualization
Fosdem 18: Securing embedded Systems using VirtualizationThe Linux Foundation
 
Aix overview
Aix overviewAix overview
Aix overviewRaja Waseem Akhtar
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP The Linux Foundation
 
Linaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMLinaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMThe Linux Foundation
 

More Related Content

What's hot

System Device Tree and Lopper: Concrete Examples - ELC NA 2022
System Device Tree and Lopper: Concrete Examples - ELC NA 2022System Device Tree and Lopper: Concrete Examples - ELC NA 2022
System Device Tree and Lopper: Concrete Examples - ELC NA 2022Stefano Stabellini
 
Server virtualization by VMWare
Server virtualization by VMWareServer virtualization by VMWare
Server virtualization by VMWaresgurnam73
 
VMware vSphere technical presentation
VMware vSphere technical presentationVMware vSphere technical presentation
VMware vSphere technical presentationaleyeldean
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVMHypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVMvwchu
 
Xen on ARM for embedded and IoT: from secure containers to dom0less systems
Xen on ARM for embedded and IoT: from secure containers to dom0less systemsXen on ARM for embedded and IoT: from secure containers to dom0less systems
Xen on ARM for embedded and IoT: from secure containers to dom0less systemsStefano Stabellini
 
Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Stefano Stabellini
 
VMware vSphere Performance Troubleshooting
VMware vSphere Performance TroubleshootingVMware vSphere Performance Troubleshooting
VMware vSphere Performance TroubleshootingDan Brinkmann
 
Introduction to Hyper-V
Introduction to Hyper-VIntroduction to Hyper-V
Introduction to Hyper-VMark Wilson
 
Virtual Infrastructure Overview
Virtual Infrastructure OverviewVirtual Infrastructure Overview
Virtual Infrastructure Overviewvalerian_ceaus
 
Esxi troubleshooting
Esxi troubleshootingEsxi troubleshooting
Esxi troubleshootingOvi Chis
 
malloc & vmalloc in Linux
malloc & vmalloc in Linuxmalloc & vmalloc in Linux
malloc & vmalloc in LinuxAdrian Huang
 
Fosdem 18: Securing embedded Systems using Virtualization
Fosdem 18: Securing embedded Systems using VirtualizationFosdem 18: Securing embedded Systems using Virtualization
Fosdem 18: Securing embedded Systems using VirtualizationThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 

What's hot (20)

System Device Tree and Lopper: Concrete Examples - ELC NA 2022
System Device Tree and Lopper: Concrete Examples - ELC NA 2022System Device Tree and Lopper: Concrete Examples - ELC NA 2022
System Device Tree and Lopper: Concrete Examples - ELC NA 2022
 
Server virtualization by VMWare
Server virtualization by VMWareServer virtualization by VMWare
Server virtualization by VMWare
 
Installing Aix
Installing AixInstalling Aix
Installing Aix
 
VMware vSphere technical presentation
VMware vSphere technical presentationVMware vSphere technical presentation
VMware vSphere technical presentation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVMHypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
 
Xen on ARM for embedded and IoT: from secure containers to dom0less systems
Xen on ARM for embedded and IoT: from secure containers to dom0less systemsXen on ARM for embedded and IoT: from secure containers to dom0less systems
Xen on ARM for embedded and IoT: from secure containers to dom0less systems
 
Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)
 
VMware vSphere Performance Troubleshooting
VMware vSphere Performance TroubleshootingVMware vSphere Performance Troubleshooting
VMware vSphere Performance Troubleshooting
 
Hypervisors
HypervisorsHypervisors
Hypervisors
 
Introduction to Hyper-V
Introduction to Hyper-VIntroduction to Hyper-V
Introduction to Hyper-V
 
Design and Concepts of Android Graphics
Design and Concepts of Android GraphicsDesign and Concepts of Android Graphics
Design and Concepts of Android Graphics
 
Virtual Infrastructure Overview
Virtual Infrastructure OverviewVirtual Infrastructure Overview
Virtual Infrastructure Overview
 
Paravirtualization
ParavirtualizationParavirtualization
Paravirtualization
 
Xen Hypervisor
Xen HypervisorXen Hypervisor
Xen Hypervisor
 
Esxi troubleshooting
Esxi troubleshootingEsxi troubleshooting
Esxi troubleshooting
 
malloc & vmalloc in Linux
malloc & vmalloc in Linuxmalloc & vmalloc in Linux
malloc & vmalloc in Linux
 
Fosdem 18: Securing embedded Systems using Virtualization
Fosdem 18: Securing embedded Systems using VirtualizationFosdem 18: Securing embedded Systems using Virtualization
Fosdem 18: Securing embedded Systems using Virtualization
 
Aix overview
Aix overviewAix overview
Aix overview
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 

Viewers also liked

Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP The Linux Foundation
 
Linaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMLinaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMThe Linux Foundation
 
LinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondLinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondThe Linux Foundation
 
Что такое OpenStack
Что такое OpenStackЧто такое OpenStack
Что такое OpenStackIlya Alekseyev
 
Демо установки OpenStack с помощью devstack
Демо установки OpenStack с помощью devstackДемо установки OpenStack с помощью devstack
Демо установки OpenStack с помощью devstackMirantis
 
Windsor: Domain 0 Disaggregation for XenServer and XCP
Windsor: Domain 0 Disaggregation for XenServer and XCP Windsor: Domain 0 Disaggregation for XenServer and XCP
Windsor: Domain 0 Disaggregation for XenServer and XCPThe Linux Foundation
 
Архитектура OpenStack
Архитектура OpenStackАрхитектура OpenStack
Архитектура OpenStackMirantis
 
Xen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTXen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTThe Linux Foundation
 
Xen Project Contributor Training - Part 1 introduction v1.0
Xen Project Contributor Training - Part 1 introduction v1.0Xen Project Contributor Training - Part 1 introduction v1.0
Xen Project Contributor Training - Part 1 introduction v1.0The Linux Foundation
 
Xen Project Contributor Training Part2 : Processes and Conventions v1.1
Xen Project Contributor Training Part2 : Processes and Conventions v1.1Xen Project Contributor Training Part2 : Processes and Conventions v1.1
Xen Project Contributor Training Part2 : Processes and Conventions v1.1The Linux Foundation
 
Network and network security
Network and network securityNetwork and network security
Network and network securityRuchi Gupta
 
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...The Linux Foundation
 
LF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesLF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesThe Linux Foundation
 
Why is email security important?
Why is email security important?Why is email security important?
Why is email security important?NeoCertified
 

Viewers also liked (20)

Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP Scale11x : Virtualization with Xen and XCP
Scale11x : Virtualization with Xen and XCP
 
Linaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMLinaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARM
 
LinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondLinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and Beyond
 
Что такое OpenStack
Что такое OpenStackЧто такое OpenStack
Что такое OpenStack
 
Демо установки OpenStack с помощью devstack
Демо установки OpenStack с помощью devstackДемо установки OpenStack с помощью devstack
Демо установки OpenStack с помощью devstack
 
Windsor: Domain 0 Disaggregation for XenServer and XCP
Windsor: Domain 0 Disaggregation for XenServer and XCP Windsor: Domain 0 Disaggregation for XenServer and XCP
Windsor: Domain 0 Disaggregation for XenServer and XCP
 
Performance Tuning Xen
Performance Tuning XenPerformance Tuning Xen
Performance Tuning Xen
 
Архитектура OpenStack
Архитектура OpenStackАрхитектура OpenStack
Архитектура OpenStack
 
Xen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTXen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XT
 
Xen Project Contributor Training - Part 1 introduction v1.0
Xen Project Contributor Training - Part 1 introduction v1.0Xen Project Contributor Training - Part 1 introduction v1.0
Xen Project Contributor Training - Part 1 introduction v1.0
 
Xen Project Contributor Training Part2 : Processes and Conventions v1.1
Xen Project Contributor Training Part2 : Processes and Conventions v1.1Xen Project Contributor Training Part2 : Processes and Conventions v1.1
Xen Project Contributor Training Part2 : Processes and Conventions v1.1
 
Xen 4.3 Roadmap
Xen 4.3 RoadmapXen 4.3 Roadmap
Xen 4.3 Roadmap
 
Network and network security
Network and network securityNetwork and network security
Network and network security
 
Nymble: Blocking System
Nymble: Blocking SystemNymble: Blocking System
Nymble: Blocking System
 
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
 
Network Security
Network SecurityNetwork Security
Network Security
 
LF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesLF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and Futures
 
Xen Project: Windows PV Drivers
Xen Project: Windows PV DriversXen Project: Windows PV Drivers
Xen Project: Windows PV Drivers
 
Why is email security important?
Why is email security important?Why is email security important?
Why is email security important?
 
Email security
Email securityEmail security
Email security
 

Similar to Securing your cloud with Xen's advanced security features

Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)Russell Pavlicek
 
ARM Architecture-based System Virtualization: Xen ARM open source software pr...
ARM Architecture-based System Virtualization: Xen ARM open source software pr...ARM Architecture-based System Virtualization: Xen ARM open source software pr...
ARM Architecture-based System Virtualization: Xen ARM open source software pr...The Linux Foundation
 
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...Yury Chemerkin
 
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixLCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixThe Linux Foundation
 
Xen & the Art of Virtualization
Xen & the Art of VirtualizationXen & the Art of Virtualization
Xen & the Art of VirtualizationTareque Hossain
 
Networking in Docker EE 2.0 with Kubernetes and Swarm
Networking in Docker EE 2.0 with Kubernetes and SwarmNetworking in Docker EE 2.0 with Kubernetes and Swarm
Networking in Docker EE 2.0 with Kubernetes and SwarmAbhinandan P.b
 
Networking in docker ee with kubernetes and swarm
Networking in docker ee with kubernetes and swarmNetworking in docker ee with kubernetes and swarm
Networking in docker ee with kubernetes and swarmDocker, Inc.
 
Automating CloudStack with Puppet - David Nalley
Automating CloudStack with Puppet - David NalleyAutomating CloudStack with Puppet - David Nalley
Automating CloudStack with Puppet - David NalleyPuppet
 
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012The Linux Foundation
 
Automating Your CloudStack Cloud with Puppet
Automating Your CloudStack Cloud with PuppetAutomating Your CloudStack Cloud with Puppet
Automating Your CloudStack Cloud with Puppetbuildacloud
 
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...The Linux Foundation
 
LOAD BALANCING OF APPLICATIONS USING XEN HYPERVISOR
LOAD BALANCING OF APPLICATIONS USING XEN HYPERVISORLOAD BALANCING OF APPLICATIONS USING XEN HYPERVISOR
LOAD BALANCING OF APPLICATIONS USING XEN HYPERVISORVanika Kapoor
 
Cloud computing using Eucalyptus
Cloud computing using EucalyptusCloud computing using Eucalyptus
Cloud computing using EucalyptusAbhishek Dey
 
Xen and the art of virtualization
Xen and the art of virtualizationXen and the art of virtualization
Xen and the art of virtualizationAbdul417101
 

Similar to Securing your cloud with Xen's advanced security features (20)

Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)
 
Xen Community Update 2011
Xen Community Update 2011Xen Community Update 2011
Xen Community Update 2011
 
ARM Architecture-based System Virtualization: Xen ARM open source software pr...
ARM Architecture-based System Virtualization: Xen ARM open source software pr...ARM Architecture-based System Virtualization: Xen ARM open source software pr...
ARM Architecture-based System Virtualization: Xen ARM open source software pr...
 
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
 
Nos Windows
Nos WindowsNos Windows
Nos Windows
 
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixLCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
 
XS Boston 2008 XenLoop
XS Boston 2008 XenLoopXS Boston 2008 XenLoop
XS Boston 2008 XenLoop
 
Xen & the Art of Virtualization
Xen & the Art of VirtualizationXen & the Art of Virtualization
Xen & the Art of Virtualization
 
Networking in Docker EE 2.0 with Kubernetes and Swarm
Networking in Docker EE 2.0 with Kubernetes and SwarmNetworking in Docker EE 2.0 with Kubernetes and Swarm
Networking in Docker EE 2.0 with Kubernetes and Swarm
 
Networking in docker ee with kubernetes and swarm
Networking in docker ee with kubernetes and swarmNetworking in docker ee with kubernetes and swarm
Networking in docker ee with kubernetes and swarm
 
Automating CloudStack with Puppet - David Nalley
Automating CloudStack with Puppet - David NalleyAutomating CloudStack with Puppet - David Nalley
Automating CloudStack with Puppet - David Nalley
 
Virtualization in the cloud
Virtualization in the cloudVirtualization in the cloud
Virtualization in the cloud
 
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
 
Automating Your CloudStack Cloud with Puppet
Automating Your CloudStack Cloud with PuppetAutomating Your CloudStack Cloud with Puppet
Automating Your CloudStack Cloud with Puppet
 
Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008
 
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
 
Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008
 
LOAD BALANCING OF APPLICATIONS USING XEN HYPERVISOR
LOAD BALANCING OF APPLICATIONS USING XEN HYPERVISORLOAD BALANCING OF APPLICATIONS USING XEN HYPERVISOR
LOAD BALANCING OF APPLICATIONS USING XEN HYPERVISOR
 
Cloud computing using Eucalyptus
Cloud computing using EucalyptusCloud computing using Eucalyptus
Cloud computing using Eucalyptus
 
Xen and the art of virtualization
Xen and the art of virtualizationXen and the art of virtualization
Xen and the art of virtualization
 

More from The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityThe Linux Foundation
 
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEXPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEThe Linux Foundation
 

More from The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
 
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSEXPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
XPDDS19: Support of PV Devices in Nested Xen - Jürgen Groß, SUSE
 

Recently uploaded

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

Securing your cloud with Xen's advanced security features

  • 1. Intro Network path Bootloader Device model Xen Conclusion Securing your cloud with Xen’s advanced security features George Dunlap Brussels – February 2-3, 2013
  • 2. Intro Network path Bootloader Device model Xen Conclusion Intro Xen is an enterprise-grade Type I hypervisor Built for the Cloud before it was called the Cloud A number of advanced security features Driver domains, stub domains, FLASK, &c Most of them aren’t or can’t be turned on by default Although simple to use, sometimes seem complicated Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 2 / 28
  • 3. Intro Network path Bootloader Device model Xen Conclusion Goal Tools to think about security in Xen Know some key security features of Xen Equipped with the knowledge to get them working Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 3 / 28
  • 4. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces and Xen features we can use to mitigate them Driver domains pvgrub stub domains PV vs HVM FLASK example policy Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 4 / 28
  • 5. Intro Network path Bootloader Device model Xen Conclusion Xen Architecture dom 0 device model (qemu) toolstack Paravirtualized Fully (PV) Virtualized Domain (HVM) Hardware netback netfront Domain Drivers blkback blkfront Xen Hypervisor I/O Devices CPU Memory Hardware Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 5 / 28
  • 6. Intro Network path Bootloader Device model Xen Conclusion Security Overview Threat Model Attacker can access network Attacker controls one guest OS Security considerations How much code is accessible? What is the interface like? (e.g., pointers vs scalars) Defense-in-depth Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 6 / 28
  • 7. Intro Network path Bootloader Device model Xen Conclusion Example System Hardware setup Two networks: control network, guest network IOMMU with interrupt remapping (AMD or Intel VT-d v2) Default configuration Network drivers in dom0 PV guests with pygrub HVM guests with qemu running in domain 0 Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 7 / 28
  • 8. Intro Network path Bootloader Device model Xen Conclusion Attack surface: Network path dom 0 toolstack Domain netfront iptables bridge Rogue Domain NIC netback netfront Driver Xen Hypervisor Control NIC Guest NIC Hardware How to break in? Bugs in hardware driver Bugs in bridging / filtering Bugs in netback via the ring protocol Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 8 / 28
  • 9. Intro Network path Bootloader Device model Xen Conclusion Attack surface: Network path dom 0 toolstack Domain netfront iptables bridge Rogue Domain NIC netback netfront Driver Xen Hypervisor Control NIC Guest NIC Hardware What does it buy you? Control of domain 0 kernel Pretty much control of the whole system Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 9 / 28
  • 10. Intro Network path Bootloader Device model Xen Conclusion Security feature: Driver Domains dom 0 Domain toolstack netfront Driver Domain iptables bridge Rogue Domain NIC netfront NIC netback Driver Driver Xen Hypervisor Control NIC Guest NIC Hardware What is it? Unprivileged VM which drives hardware, provides access to guests Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 10 / 28
  • 11. Intro Network path Bootloader Device model Xen Conclusion Security feature: Driver Domains dom 0 Domain toolstack netfront Driver Domain iptables bridge Rogue Domain NIC netfront NIC netback Driver Driver Xen Hypervisor Control NIC Guest NIC Hardware Now an exploit buys you: Control of a PV VM (PV hypercall interface) Guest network traffic Control of NIC Opportunity to attack netfront of other guests Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 11 / 28
  • 12. Intro Network path Bootloader Device model Xen Conclusion HowTo: Driver Domains Create a VM with appropriate drivers Any distro supporting dom0 should do Install the xen-related hotplug scripts Just installing the xen tools in the VM is usually good enough Give the VM access to the physical NIC with PCI pass-through Configure the network topology in the driver domain Just like you would for dom0 Configure the guest vif to use the new domain ID Add backend=domnet to vif declaration vif = [ ’type=pv, bridge=xenbr0, backend=domnet’ ] http://wiki.xen.org/wiki/Driver Domain Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 12 / 28
  • 13. Intro Network path Bootloader Device model Xen Conclusion Attack surface: Pygrub dom 0 toolstack domain builder Paravirtualized pygrub (PV) Domain guest disk Xen Hypervisor What is it? grub implementation for PV guests Python program running in domain 0 Reads guest FS, parses grub.conf, presents menu Passes resulting kernel image to domain builder Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 13 / 28
  • 14. Intro Network path Bootloader Device model Xen Conclusion Attack surface: Pygrub dom 0 toolstack domain builder Paravirtualized pygrub (PV) Domain guest disk Xen Hypervisor How to break in? Bugs in file system parser Bugs in menu parser Bugs in domain builder Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 14 / 28
  • 15. Intro Network path Bootloader Device model Xen Conclusion Attack surface: Pygrub dom 0 toolstack domain builder Paravirtualized pygrub (PV) Domain kernel guest disk Xen Hypervisor What does it buy you? Control of domain 0 user space Pretty much control of the whole system Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 15 / 28
  • 16. Intro Network path Bootloader Device model Xen Conclusion Security practice: Fixed kernels dom 0 toolstack kernel domain image builder Paravirtualized (PV) Domain guest disk Xen Hypervisor What is it? Passing a known-good kernel from domain 0 Removes attacker avenue to domain builder Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 16 / 28
  • 17. Intro Network path Bootloader Device model Xen Conclusion Security practice: Fixed kernels dom 0 toolstack kernel domain image builder Paravirtualized (PV) Domain guest disk Xen Hypervisor Disadvantages Host admin must keep up with kernel updates Guest admin can’t pass kernel parameters, custom kernels, Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 17 / 28
  • 18. Intro Network path Bootloader Device model Xen Conclusion Security feature: pvgrub dom 0 toolstack domain builder pvgrub MiniOS guest disk Xen Hypervisor What is it? MiniOS + pv port of grub running in a guest context PV equivalent of HVM “BIOS + grub” Now an exploit buys you: Control of your own VM Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 18 / 28
  • 19. Intro Network path Bootloader Device model Xen Conclusion HowTo: pvgrub Make sure that you have the pvgrub image pvgrub-$ARCH.gz Normally lives in /usr/lib/xen/boot Included in Fedora Xen packages Debian-based: need to build yourself Use appropriate pvgrub as bootloader in guest config kernel="/usr/lib/xen/boot/pvgrub-x86_32.gz" http://wiki.xen.org/wiki/Pvgrub Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 19 / 28
  • 20. Intro Network path Bootloader Device model Xen Conclusion Attack surface: Device model (qemu) How to break in? Bugs in NIC emulator parsing packets Bugs in emulation of virtual devices What does it buy you? Domain 0 privileged userspace Pretty much control of the whole system Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 20 / 28
  • 21. Intro Network path Bootloader Device model Xen Conclusion Security feature: qemu stub domains What is it? Stub domain: a small “service” domain running just one application qemu stub domain: run each qemu in its own domain Now an exploit buys you: Control of the stubom VM ...which we assume you control Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 21 / 28
  • 22. Intro Network path Bootloader Device model Xen Conclusion HowTo: qemu stub domains Make sure that you have the pvgrub image: ioemu-$ARCH.gz Normally lives in /usr/lib/xen/boot Included in Fedora Xen packages Debian-based: need to build yourself Specify stub domains in your guest config device_model_stubdomain_override = 1 http://wiki.xen.org/wiki/Device Model Stub Domains Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 22 / 28
  • 23. Intro Network path Bootloader Device model Xen Conclusion Attack Surface: Xen PV guests PV Hypercalls HVM guests HVM hypercalls (Subset of PV hypercalls) Instruction emulation (MMIO, shadow pagetables) Emulated platform devices: APIC, HPET, PIT Nested virtualization Security practice: Use PV VMs Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 23 / 28
  • 24. Intro Network path Bootloader Device model Xen Conclusion Security feature: FLASK example policy What is FLASK? Xen Security Module (XSM): Xen equivalent of LSM FLASK: Framework for XSM developed by NSA Xen Equivalent of SELinux Uses same concepts, tools as SELinux Allows a policy to restrict hypercalls What can FLASK do? Basic: Restricts hypercalls to those needed by a particular guest Advanced: Allows more fine-grained granting of privileges FLASK example policy This contains example roles for dom0, domU, stub domains, driver domains, &c Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 24 / 28
  • 25. Intro Network path Bootloader Device model Xen Conclusion HowTo: Use the example FLASK policy Build Xen with XSM enabled Build the example policy Add the appropriate label to guest config files seclabel=[foo] stubdom label=[foo] WARNING: In 4.2, the example policy not extensively tested. Use with care! http://wiki.xen.org/wiki/Xen Security Modules : XSM- FLASK Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 25 / 28
  • 26. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces and Xen features we can use to mitigate them Driver domains pvgrub stub domains PV vs HVM Experimental: Example policy for FLASK Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 26 / 28
  • 27. Intro Network path Bootloader Device model Xen Conclusion Goal Tools to think about security in Xen Know some key security features of Xen Equipped with the knowledge to get them working Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 27 / 28
  • 28. Intro Network path Bootloader Device model Xen Conclusion Questions Questions? More info at http://wiki.xen.org/wiki/Securing Xen Check out our blog: http://blog.xen.org/ Brussels – February 2-3, 2013 Securing your cloud with Xen’s advanced security features 28 / 28