1 / 32

Hyper-V Security

Hyper-V Security. Brandon Baker Senior Development Lead Microsoft. William Arbaugh Principal Architect Microsoft. Agenda. What is Hyper-V? Why a hypervisor? Quick Background & Architecture Security Model Challenges Future Directions. What is Hyper-V?. Full machine virtualization

maik
Download Presentation

Hyper-V Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Hyper-V Security Brandon Baker Senior Development Lead Microsoft William Arbaugh Principal Architect Microsoft ACM CCS / VMSec

  2. Agenda What is Hyper-V? Why a hypervisor? Quick Background & Architecture Security Model Challenges Future Directions ACM CCS / VMSec

  3. What is Hyper-V? • Full machine virtualization • Component of Windows Server 2008 x64 • Beta shipped in box • RTM available through Windows Update ACM CCS / VMSec

  4. How to install Hyper-V ACM CCS / VMSec

  5. What is Hyper-V? Has three major components: Hypervisor Virtualization Stack Virtual Devices Requires hardware assisted virtualization AMD AMD-V Intel VT ACM CCS / VMSec

  6. Agenda What is Hyper-V? Why a hypervisor? Quick Background & Architecture Security Model Challenges Future Directions ACM CCS / VMSec

  7. VMM Arrangements • Hosted Virtualization • Hypervisor Virtualization Guest 1 Guest 2 Guest 1 Guest 2 VMM VMM Host OS Hardware Hardware • Examples • VMware Workstation • KVM • Virtual PC & Virtual Server • Examples • VMware ESX • Xen • Hyper-V ACM CCS / VMSec

  8. Drivers Drivers Drivers Drivers Monolithic Versus Microkernel All virtualization systems have a VMM, drivers, virtualization software, and management interfaces. • Monolithic hypervisor • Simpler than a modern kernel, but still complex • Implements driver model • Microkernel hypervisor • Simple partitioning functionality • Increase reliability and minimizes TCB • No third-party code • Drivers run in root guest VM 1 (Admin) VM 2 VM 3 VM 2 (“Child”) VM 3 (“Child”) VM 1(“Parent”) Virtual- ization Stack Hypervisor Virtualization Stack Hypervisor Hardware Hardware ACM CCS / VMSec

  9. Agenda What is Hyper-V? Why a hypervisor? Quick Background & Architecture Security Model Challenges Future Directions ACM CCS / VMSec

  10. Virtualization Stack WindowsKernel OSKernel DeviceDrivers Windows hypervisor VirtualizationServiceClients(VSCs) Enlightenments VMBus Hyper-V Architecture Partition Root Guest Partitions Provided by: Ring 3 Ring 3 Windows Guest Applications VM WorkerProcesses Hyper-V WMI Provider VMMSService ISV VirtualizationServiceProviders(VSPs) Server Core Ring 0 Ring 0 Ring “-1” Storage NIC CPU MMU APIC VMCS/VMCB ACM CCS / VMSec

  11. Hypervisor Partitioning Kernel Partition is isolation boundary Few virtualization functions; relies on virtualization stack Very thin layer of software Microkernel Highly reliable No device drivers Two versions, one for Intel and one for AMD Drivers run in the root Leverage the large base of Windows drivers Well-defined interface Allow others to create support for their OSes as guests Virtualization Stack • Runs within the root partition • Portion of traditional hypervisor that has been pushed up and out to make a micro-hypervisor • Manages guest partitions • Handles intercepts • Emulates devices ACM CCS / VMSec

  12. Agenda What is Hyper-V? Why a hypervisor? Quick Background & Architecture Security Model Challenges Future Directions ACM CCS / VMSec

  13. Virtualization Stack WindowsKernel OSKernel DeviceDrivers Windows hypervisor VirtualizationServiceClients(VSCs) Enlightenments VMBus Hyper-V TCB Partition Root Guest Partitions Guest Applications VM WorkerProcesses WMI Provider VMService VirtualizationServiceProviders(VSPs) Server Core ACM CCS / VMSec

  14. Security Assumptions • Guests are untrusted • Root must be trusted by hypervisor; parent must be trusted by children. • Code will run in all available processor modes, rings, and segments • Hypercall interface will be well documented and widely available to attackers. • All hypercalls can be attempted by guests • Can detect you are running on a hypervisor • We’ll even give you the version • The internal design of the hypervisor will be well understood ACM CCS / VMSec

  15. Security Goals Strong isolation between partitions Protect confidentiality and integrity of guest data Separation Unique hypervisor resource pools per guest Separate worker processes per guest Guest-to-parent communications over unique channels Non-interference Guests cannot affect the contents of other guests, parent, hypervisor Guest computations protected from other guests Guest-to-guest communications not allowed through VM interfaces Memory, registers, and caches scrubbed on VM context switch ACM CCS / VMSec

  16. Security Non-Goals Things we don’t do in Hyper-V v1 Mitigate hardware bleed-through (inference attacks) Mitigate covert channels Guarantee availability Protect guests from the root Protect the hypervisor from the root Utilize trusted hardware TPM, Device Assignment, DMA protection, Secure Launch ACM CCS / VMSec

  17. Windows hypervisor Hyper-V Security Model Root Partition Guest Partitions Windows AuthN Virtualization Stack VM Config AzMan Guest Applications VMBus Part ID to VM Config Guest OSKernel Server Core Hypercall Hypercall Part ID 2…n Part ID 1 Partition Privileges Memory Map VMCS ACM CCS / VMSec

  18. Hypervisor Security Model Memory Physical Address to Partition map maintained by Hv Parent/Child ownership model on memory Can supersede access rights in guest page tables (R, W, X) CPU Hardware guarantees cache & register isolation, TLB flushing, instruction interception I/O Hypervisor enforces Parent policy for all guest access to I/O ports Hyper-V v1 policy is guests have no access to real hardware Hypervisor Interface Partition privilege model Guests access to hypercalls, instructions, MSRs with security impact enforced based on Parent policy Hyper-V v1 policy is guests have no access to privileged instructions Hyper-V Security Model • Uses Authorization Manager (AzMan) • Fine grained authorization and access control • Department and role based • Segregate who can manage groups of VMs • Define specific functions for individuals or roles • Start, stop, create, add hardware, change drive image • VM administrators don’t have to be Server 2008 administrators • Guest resources are controlled by per VM configuration files • Shared resources are protected • Read-only (CD ISO file) • Copy on write (differencing disks) ACM CCS / VMSec

  19. Virtualization Stack Virtualization Attacks VM WorkerProcesses WMI Provider VMService WindowsKernel VirtualizationServiceProviders(VSPs) Server Core DeviceDrivers Windows hypervisor VirtualizationServiceClients(VSCs) VirtualizationServiceClients(VSCs) Enlightenments Enlightenments VMBus Root Partition Guest Partitions Provided by: Windows Hyper-V Guest Applications ISV Hackers OSKernel VMBus Server Hardware ACM CCS / VMSec

  20. Hyper-V Security Hardening (1/2) ACM CCS / VMSec • Hypervisor has separate address space • Guest addresses != Hypervisor addresses • No 3rd party code in the Hypervisor • Limited number of channels from guests to hypervisor • No “IOCTL”-like things • Guest to guest communication through hypervisor is prohibited • No shared memory mapped between guests • Guests never touch real hardware i/o

  21. Hyper-V Security Hardening (2/2) ACM CCS / VMSec • Hypervisor built with • ASLR • Stack guard cookies (/GS) • Hardware No eXecute (NX) • Code pages marked read only • Memory guard pages • Limited exception handling • Hypervisor binary is signed • Hypervisor and Root components completed SDL • Threat modeling • Static Analysis • Fuzz testing • Penetration testing

  22. Agenda What is Hyper-V? Why a hypervisor? Quick Background & Architecture Security Model Challenges Future Directions ACM CCS / VMSec

  23. Maslow’s Hierarchy of Virtualization Security ACM CCS / VMSec

  24. Challenges – Implementation ACM CCS / VMSec • Security of the platform • SDL • Simplify • Separate • Push complexity out and up • Hypervisor correctness • “Is this hypervisor safe?”

  25. Challenges – Management ACM CCS / VMSec • VM security level • Host suitability • Identity • Administration • Patching • Software Inventory • Compliance • Antivirus • Network vs. virtual network security • “Are my policies safe?”

  26. Challenges – Realization ACM CCS / VMSec • Projecting security invariants into VMs • Monitoring VM behavior • Behavior modification • Intercepting VM data flows • “Can I make my OS safer by being a VM?”

  27. Agenda What is Hyper-V? Why a hypervisor? Quick Background & Architecture Security Model Challenges Future Directions ACM CCS / VMSec

  28. What are we exploring? ACM CCS / VMSec • Measured launch • IOMMU support • TPM virtualization

  29. Measured Launch • Start with Dynamic Root of Trust Measurement (DRTM) • AMD SKINIT • Intel SENTER • DRTM resets processor to clean stateand executes secure loader • Loader starts a measurement chain • Allows for measurement and policy enforcement on hypervisor ACM CCS / VMSec

  30. I/O Memory Management Unit (IOMMU) • Used for containing and directingdevice traffic • Access to memory • Interrupts • Under development and goes by lotsof names • IOMMU (long-standing use in industry, AMD) • DMA Remapping (Intel/Microsoft) • VT-d, VT-d2 (Intel) ACM CCS / VMSec

  31. TPM Virtualization • Open questions: • What is the right way to expose TPM functionality to VMs? • Low level hardware interface vs. hypercall • TPM wasn’t designed to be virtualized • How should you handle measurements across VM migrations? • If a VM is sealed to a platform, it can’t be migrated. • If a VM isn’t sealed to a platform, how much trust do you have? ACM CCS / VMSec

  32. For More Information • Email me thoughts, ideas, questions • brandon.baker@microsoft.com • william.arbaugh@microsoft.com • Hypervisor Interface Specification • http://msdn.microsoft.com/en-us/library/bb969686.aspx • Black Hat presentations • http://www.blackhat.com/html/bh-media-archives/bh-archives-2007.html • RSA Virtualization Blog • http://blogs.msdn.com/rsa2008/archive/2008/04/07/isolation-of-virtual-machines.aspx ACM CCS / VMSec

More Related