Safer Virtual Machines

May 18, 2010

Back in November, I posted a note about some interesting security research that had been done by a team at North Carolina State University.  They developed an elegant technique, which they called HookSafe, that protects against rootkits by running the normal operating system under the control of a small, special purpose hypervisor (virtual machine monitor).  The HookSafe hypervisor relocates sensitive OS kernel data structures to a set of reserved pages in virtual memory, and uses the hardware memory protection mechanisms to prevent their modification.

The same team has now published a new paper [PDF], to be presented at the IEEE Symposium on Security and Privacy, which is currently underway in Oakland CA.  In this paper, they adapt their approach to provide security assurance for two popular open-source Type I (“bare metal”) hypervisors: Xen and BitVisor, that run on current Intel processors.  Once again, the approach, called HyperSafe by the authors, is somewhat elegant, in that only minimally-invasive “surgery” on the existing code is required.  There are two basic protection techniques used: non-bypassable memory lockdown, and restricted pointer indexing.

To protect the hypervisor’s own memory, all of the related virtual memory map table entries are marked “read-only”, and the “write-protect” bit in control register CR0 is turned on.  This means that any attempt, even by the hypervisor itself, to modify those entries in the page table results in  a hardware interrupt.  In effect, this creates a single “gate” through which all modification attempts must pass.  The “gatekeeper” code can allow legitimate requests to be carried out by temporarily disabling write-protection; this operation can be carried out atomically because all interrupts are disabled while it is in progress.

The second technique used in HyperSafe is called Restricted Pointer Indexing.  Essentially, the hypervisor code is analyzed, and all legitimate branch targets (e.g., function entry points) are identified and stored in a table in the hypervisor’s protected memory.  The pointers in the code are then replaced with an indexed entry into the table.  According to the paper, this process can be done almost entirely automatically for code written in C; some manual analysis is usually required for code written in assembler.  This approach guarantees that the hypervisor code can only branch to an address previously identified as legitimate.

(The HyperSafe approach is based on the underlying assumption that a TPM [Trusted Platform Module] or similar hardware facility provides secure system booting in the first instance.  It cannot secure a system against an attacker having physical access.)

The researchers claim that their prototype implementations have only a small performance penalty, 5% or less, and can successfully protect systems against several common rootkit techniques.   Dark Reading has an article summarizing the research.

Although I am sure that this is far from the last word on the topic, I think this is valuable research, especially since virtualization technology is of great interest at present, and is heavily used in cloud computing.  Making that environment safer is in everyone’s best interest.

%d bloggers like this: