Hypervisors and Next Generation Virtualization
William Strickland, COT4810 Spring 2008
February 7, 2008
Origins
Hypervisor also known as Virtual Machine Monitor.
Software emulating hardware to operating systems.
First developed for Servers and Mainframes by IBM.
Not widely used once hardware became plentiful, but it remains the fundamental method of virtualization.
Details: Native Hypervisor
Hypervisor directly on top of hardware. Emulates hardware to operating systems. Difficult to implement.
Details: x86 Architecture
Privilege levels (rings) 0 to 3.
Operating systems use the most privileged ring (ring 0).
The base x86 architecture has no hardware support for virtualization.
Details: x86 Virtualization
Support traditionally provided by layers of software that emulate privileged instructions.
Recent additions by AMD and Intel provide Virtualization support of hypervisors.
Hypervisor code runs below operating systems and assumes control of hardware.
Details: OS Paravirtualization
Operating system to be virtualized is modified with hypervisor awareness.
Avoids using commands that must be emulated, thus improving performance.
Simplifies Hypervisor design and implementation.
Typical Usage
Machine Consolidation - more machines in one, for mutually exclusive functions.
Sandboxing - performing dangerous actions in a contained environment.
Whole System Mobility - moving a whole system around.
Dark side: VM rootkit
Whole OS can be under the command of a software entity.
Concerns: cross platform. No way to breach the VM.
Limitations: on typical x86 hardware, hard to put an incumbent operating system into a VM. Can detect if running in a VM.
Darker Still: Blue Pill
New hardware support for hypervisors allows a machine to be subverted much more easily.
Concerns: acts as a stealthier rootkit. Hypervisor invisible to the rest of the system.
Limitations: limited targets. Can be detected, probably.
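The cheapest check behind "can detect if running in a VM" is CPUID: cooperative hypervisors set the "hypervisor present" bit in leaf 1 and publish a vendor signature in leaf 0x40000000. The following is an added example, not code from the slides; the constant names and the helper functions are my own, and the caveat in the comments is the point: a hypervisor that hides from its guest, as the Blue Pill slide describes, simply leaves the bit clear, so this check only catches hypervisors that admit to being there.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed names for this example; the slides define no such constants. */
#define CPUID_LEAF_FEATURES  0x00000001u  /* leaf 1: ECX bit 31 = "hypervisor present" */
#define CPUID_LEAF_HV_VENDOR 0x40000000u  /* vendor-signature leaf, set by convention */

/* ECX bit 31 of leaf 1 is reserved on bare metal; cooperative hypervisors set it. */
int hv_present_bit_set(uint32_t leaf1_ecx) { return (int)((leaf1_ecx >> 31) & 1u); }

/* Leaf 0x40000000 returns a 12-byte vendor signature in EBX, ECX, EDX, low byte of each
 * register first. Decoded with shifts so the result does not depend on host endianness. */
void hv_vendor_string(uint32_t ebx, uint32_t ecx, uint32_t edx, char out[13]) {
    const uint32_t regs[3] = { ebx, ecx, edx };
    for (int i = 0; i < 12; i++)
        out[i] = (char)((regs[i / 4] >> (8 * (i % 4))) & 0xffu);
    out[12] = '\0';
}

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
/* Unchecked __cpuid macro: __get_cpuid() rejects 0x40000000 as above the max basic leaf. */
static int read_cpuid(uint32_t leaf, uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d) {
    __cpuid(leaf, *a, *b, *c, *d);
    return 1;
}
#else  /* not an x86 CPU: there is no CPUID instruction to ask */
static int read_cpuid(uint32_t l, uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d) {
    (void)l; (void)a; (void)b; (void)c; (void)d; return 0;
}
#endif

/* 1 = a hypervisor advertises itself (vendor filled in), 0 = none admits to being there,
 * -1 = CPUID unavailable. A hypervisor hiding from its guest, as the slides describe, just
 * leaves the bit clear, so 0 means "nothing admitted", not "bare metal". */
int detect_advertised_hypervisor(char vendor[13]) {
    uint32_t a, b, c, d;
    vendor[0] = '\0';
    if (!read_cpuid(CPUID_LEAF_FEATURES, &a, &b, &c, &d)) return -1;
    if (!hv_present_bit_set(c)) return 0;
    read_cpuid(CPUID_LEAF_HV_VENDOR, &a, &b, &c, &d);
    hv_vendor_string(b, c, d, vendor);
    return 1;
}

int main(void) {
    char vendor[13];
    int r = detect_advertised_hypervisor(vendor);
    printf("result %d (1 = advertised, 0 = none admitted, -1 = no CPUID), vendor \"%s\"\n", r, vendor);
    return 0;
}
```

Typical signatures are "KVMKVMKVM", "VMwareVMware", "Microsoft Hv" and "XenVMMXenVMM"; timing and side-channel checks are what the slide's "probably" refers to, and they are a separate, noisier class of test.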
In Better Hands
Enforce kernel protection; stop kernel hooking.
Prevent rootkits (including hypervisor-based ones).
Better security implementation, allowing more isolation of critical systems.