SlideShare a Scribd company logo

Securing Your Cloud With the Xen Hypervisor by Russell Pavlicek

B
buildacloud

This document provides an overview of securing cloud infrastructure using the Xen hypervisor. It begins with introducing Xen security features like driver domains and PVgrub that isolate different components of the system. It then analyzes various attack surfaces like the network path, PyGrub bootloader, and Qemu device model. For each, it discusses what a successful exploit could achieve and how Xen features like driver domains and stub domains constrain the impact. The document concludes with recommendations to use the Xen security module FLASK to further restrict privileges and provides examples of applying it.

Technology
1 of 65
Download to read offline
Securing Your Cloud With the Xen Hypervisor Russell Pavlicek Xen Project Evangelist Citrix Systems
Who is the Old, Fat Geek Up Front? ● Xen project Evangelist ● Employed by Citrix, focused entirely on Xen project ● History with open source begins in 1995 ● Former columnist for Infoworld, Processor magazines ● ● Former panelist on The Linux Show, repeat guest on The Linux Link Tech Show Over 150 pieces published, one book on open source, plus blogs
Presentation Goals ● Introduce the subject of security in the Cloud ● Introduce you to the Xen Project Security Tools ● Discuss some key Xen security features ● Get you started in the right direction toward securing your Xen installation
Presentation Outline ● A few thoughts on the problem of securing the Cloud ● Overview of the Xen architecture ● Brief introduction to the principles of security analysis ● Examine some of the attack surfaces and the Xen features we can use to mitigate them: – Driver Domains – PVgrub – Stub Domains – Paravirtualization (PV) versus Hardware Virtualization (HVM) – FLASK example policy
Introduction: Xen Project, The Cloud, and Security
Introduction: Xen Project and Security ● Xen project produces an enterprise-grade Type 1 hypervisor ● Built for the cloud before it was called cloud ● A number of advanced security features – Driver domains, stub domains, FLASK, and more – Most of them are not (or cannot) be turned on by default – Although they can be simple to use, sometimes they appear complicated
The Cloud Security Conundrum ● Cloud Security: The 800lb Gorilla in the room – Nothing generates more fear in specific, and FUD in general – Probably the single greatest barrier to Cloud adoption – Immediately behind it is the inability to get out of the 20th century IT mindset – Must get past the “Change is Bad” concept of 1980 – Cloud is about embracing change at a rapid pace The good news: the “Gorilla” is actually a “Red Herring” ● ● We don't need to fear it – we just need to solve it
Cloud Security: New Visibility to an Old Problem ● ● ● ● Security has always been an IT issue Putting a truly secure system in the open does not reduce its security, it just increases the frequency of attack Unfortunately, system security behind the firewall has not always been comprehensive Having solutions in an external cloud forces us to solve the security issues we should have already solved News Flash: Security Through Obscurity is Dead
Use Security by Design, Not by Wishful Thinking ● Security by wishful thinking no longer works – – Addressing security in one area while ignoring others is NOT good enough – ● Merely hoping that your firewall holds off the marauding hordes is NOT good enough Saying, “We never had a problem before” is NOT good enough Comprehensive security starts with design – It needs to be planned carefully and thought through – It needs to be implemented at multiple levels – It needs components which are themselves securable
Xen Project: Security by Design ● Xen Project was designed for clouds before the term “cloud” was ever coined in the industry – http://www.cl.cam.ac.uk/research//srg/netos/xeno/publi cations.html Xen is designed to thwart attacks from many attack vectors, using different defensive techniques – ● Designers foresaw the day of “infrastructure for wide-area distributed computing” which we now call “the cloud”
Basic Architecture of the Xen Hypervisor
Hypervisor Architectures Type 1: Bare metal Hypervisor A pure Hypervisor that runs directly on the hardware and hosts Guest OS’s. VMn VM1 VM0 Guest OS and Apps Hypervisor Host HW Device Drivers/ Models I/O Memory Scheduler MMU CPUs Provides partition isolation + reliability, higher security
Hypervisor Architectures Type 1: Bare metal Hypervisor Type 2: OS ‘Hosted’ A pure Hypervisor that runs directly on the hardware and hosts Guest OS’s. A Hypervisor that runs within a Host OS and hosts Guest OS’s inside of it, using the host OS services to provide the virtual environment. VMn VM1 VM0 User-level VMM User Apps Device Models Guest OS and Apps Hypervisor Host HW I/O Memory Scheduler MMU CPUs Provides partition isolation + reliability, higher security Device Drivers Host HW VM0 Guest OS and Apps Host OS Device Drivers/ Models VMn VM1 I/O Ring-0 VM Monitor “Kernel “ Memory CPUs Low cost, no additional drivers Ease of use and installation
Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor VMn VM1 VM0 Guest OS and Apps Hypervisor Host HW Device Drivers/ Models I/O Memory Scheduler MMU CPUs
Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor XEN Architecture VMn VM1 VMn VM1 VM0 Guest OS and Apps Hypervisor Host HW Device Drivers/ Models I/O Memory VM0 Guest OS and Apps Scheduler MMU CPUs MMU Scheduler Host HW I/O Memory CPUs
Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor VMn VM1 VM0 Guest OS and Apps Hypervisor Host HW Device Drivers/ Models I/O Memory Scheduler MMU CPUs XEN Architecture Control domain (dom0) VMn VM1 Device Models VM0 Drivers Guest OS and Apps Linux & BSD MMU Scheduler Host HW I/O Memory CPUs
Xen Architecture: Basic Parts
Security Thinking: An Approach
An Approach to Security Thinking ● Threat models: – – ● Attacker can access network Attacker controls one Guest VM Security considerations to evaluate: – – What is the interface like? (e.g., pointers vs scalars) – ● How much code is accessible? Defense-in-depth: how many rings of defense surround you? Then combine security tactics to secure the installation – There is no single "magic bullet" – Individual tactics reduce danger; combined tactics go farther
Example System For This Discussion ● Hardware setup – – ● Two networks: one Control network, one Guest network IOMMU with interrupt remapping (AMD or Intel VT-d v2) to allow for full hardware virtualization (HVM) Default configuration – Network drivers in the Control Domain (aka "Domain 0" or just "Dom0") – Paravirtualized (PV) guests using PyGrub (grub-like boot utility within context of Guest Domain) – Hardware Virtualized (HVM) guests using Qemu (as the device model) running in the Control Domain
Attacking the Network Interface
Attack Surface: Network Path
Attack Surface: Network Path ● Where might an exploit focus? – Bugs in hardware driver – Bugs in bridging / filtering – Bugs in netback (via the ring protocol) ● ● Netback and Netfront are part of the Paravirtualization mode Note the exploits – The main exploits exist already, even in hardware – The netback surface is very small, but needs to be acknowledged – When these are attacked in hardware, you have deep trouble – You actually have better defense in the VM than in hardware
Result: Network Path Compromised
Result: Network Path Compromised Vulnerability Analysis: What could a successful exploit yield? Control of Domain 0 kernel This could lead to the control of the whole system
Security Feature: Driver Domains
Security Feature: Driver Domains ● What is a Driver Domain? – Unprivileged VM which drives hardware – It provides driver access to guest VMs – Very limited scope; not a full operating system – Does not have the access or capability of a full VM
Result: Driver Domain Compromised
Result: Driver Domain Compromised ● Now a successful exploit could yield: – Control of the Driver Domain (Paravirtualization hypercall interface) ● – But the Driver Domain is limited: no shell, no utilities Control of that guest's network traffic ● But in the cloud, most orchestrators detect network traffic failure ● The problem is not allowed to stand very long – Control of the network interface card (NIC) – An opportunity to attack the netfront of other guest VMs ● ● But to take advantage of this platform, you need to launch another attack Compound attacks are complex, and they take time which you may not have
Basic How To: Driver Domains ● Create a VM with appropriate drivers – ● Install the Xen-related hotplug scripts – ● ● Use any distribution suitable as a Control Domain Just installing the Xen tools in the VM is usually good enough Give the VM access to the physical NIC with PCI passthrough Configure the network topology in the Driver Domain – Just like you would for the Control Domain
Basic How To: Driver Domains ● Configure the guest Virtual Network Interface (vif) to use the new domain ID – Add “backend=domnet” to vif declaration vif = [ 'type=pv, bridge=xenbr0, backend=domnet' ] Detailed Info http://wiki.xenproject.org/wiki/Driver_Domain
Attacking the PyGrub Boot Loader
Attack Surface: PyGrub
Attack Surface: PyGrub ● What is PyGrub? – – ● “grub” implementation for Paravirtualized guests A Python program running in Control Domain What does it do? – It reads the guest VM's filesystem – It parses grub.conf – It displays a boot menu to the user – It passes the selected kernel image to domain builder
Attack Surface: PyGrub
Attack Surface: PyGrub ● Where might an exploit focus? – – Bugs in menu parser – ● Bugs in file system parser Bugs in domain builder Again, note the exploits – Forms of these exist in hardware as well – But hardware doesn't have as many options to combat the situation
Result: PyGrub Compromised
Result: PyGrub Compromised Vulnerability Analysis: What could a successful exploit yield? Control of Domain 0 user space This could lead to the control of the whole system
Security Feature: Fixed Kernels
Security Feature: Fixed Kernels ● What is a fixed kernel? – Passing a known-good kernel from Control Domain ● ● – ● No longer allows a user to choose the kernel Best practice for anything in production Removes attacker avenue to domain builder Disadvantages – Host administrator must keep up with kernel updates – Guest admin can't pass kernel parameters or custom kernels
Security Feature: PVgrub
Security Feature: PVgrub ● What is PVgrub? – MiniOS plus the Paravirtualized port of “grub” running in a guest context – Paravirtualized equivalent of Hardware Virtualized combination of BIOS plus grub
Result: PVgrub Compromised Vulnerability Analysis: Now a successful exploit could yield: Control of the attacked Guest Domain alone Control Domain is no longer at risk
Basic HowTo: PVgrub ● Make sure that you have the PVgrub image – – Normally lives in “/usr/lib/xen/boot” – SUSE SLES: Currently need to build for yourself – Included in Fedora Xen packages – ● “pvgrub-$ARCH.gz” Debian-based: need to build yourself Use appropriate PVgrub as bootloader in guest configuration: – kernel="/usr/lib/xen/boot/pvgrub-x86_32.gz" See http://wiki.xenproject.org/wiki/Pvgrub
Attacking the Qemu Device Model
Attack Surface: Device Model (Qemu)
Attack Surface: Device Model (Qemu) ● What is Qemu? – – ● In other contexts, a virtualization provider In the Xen Project context, a provider of needed device models Where might an exploit focus? – Bugs in NIC emulator parsing packets – Bugs in emulation of virtual devices
Result: Device Model Compromised Vulnerability Analysis: What could a successful exploit yield? Control Domain privileged user space This could lead to the control of the whole system
Security Feature: Qemu Stub Domains ● What is a stub domain? – Stub domain: a small “service'' domain running just one application – Qemu stub domain: run each Qemu in its own domain
Result: Stub Domain Compromised Vulnerability Analysis: Now a successful exploit could yield: Control only of the stub domain VM (which, if FLASK is employed, is a relatively small universe) You need to devise another attack entirely to do anything more significant
Basic HowTo: Qemu Stub Domains ● Make sure that you have the ioemu image: – – Normally lives in “/usr/lib/xen/boot” – SUSE SLES, currently need to build it yourself (SLES 12?) – Included in Fedora Xen packages – ● “ioemu-$ARCH.gz” On Debian (and offshoots), you will need to build it yourself Specify stub domains in your guest configuration: device_model_stubdomain_override = 1 Detailed Info http://wiki.xenproject.org/wiki/Device_Model_Stub_Domains
Attacking the Hypervisor Itself
Attack Surface: Xen Hypervisor Itself ● Where might an exploit focus? – On Paravirtualized (PV) Guests: – PV Hypercalls On full Hardware Virtualized (HVM) Guests: ● HVM hypercalls (Subset of PV hypercalls) ● Instruction emulation (MMIO, shadow pagetables) ● Emulated platform devices: APIC, HPET, PIT ● Nested virtualization Security practice: Use PV VMs whenever possible ● ●
Using the Xen Security Module
Security Feature: FLASK Policy ● What is FLASK? – Xen Security Module (XSM): Xen equivalent of LSM – FLASK: FLux Advanced Security Kernel – Framework for XSM developed by NSA – Xen equivalent of SELinux – Uses same concepts and tools as SELinux – Allows a policy to restrict hypercalls
Security Feature: FLASK Policy ● What can FLASK do? – – ● Basic: Restricts hypercalls to those needed by a particular guest Advanced: Allows more fine-grained granting of privileges FLASK example policy – This contains example roles for the Control Domain (dom0), User/Guest Domain(domU), stub domains, driver domains, etc. – Make sure you TEST the example policy in your environment BEFORE putting it into production! NOTE: As an example policy, it is not as rigorously tested as other parts of Xen during release; make sure it is suitable for you
Basic HowTo: FLASK Example Policy ● Build Xen with XSM enabled ● Build the example policy ● Add the appropriate label to guest config files: – “seclabel=[foo]” – “stubdom_label=[foo]” Detailed Info http://wiki.xenproject.org/wiki/Xen_Security_Modules_:_XSM-FLASK
ARM-Specific Security Features
Xen + ARM = A Perfect Match ARM Architecture Features for Virtualization ARM SOC User mode : EL0 Device Tree describes … Kernel mode : EL1 I/O Hypercall Interface HVC GT GIC v2 2 stage MMU Hypervisor mode : EL2
Xen + ARM = A Perfect Match ARM Architecture Features for Virtualization ARM SOC EL0 Device Tree describes … EL1 I/O HVC GT GIC v2 2 stage MMU EL2 Xen Hypervisor
Xen + ARM = A Perfect Match ARM Architecture Features for Virtualization ARM SOC Any Xen Guest VM (including Dom0) Any Xen Guest VM (including Dom0) EL0 User Space User Space Device Tree describes … Kernel Kernel EL1 I/O HVC GT GIC v2 2 stage MMU EL2 Xen Hypervisor
Xen + ARM = A Perfect Match ARM Architecture Features for Virtualization ARM SOC Dom0 Dom0 only Any Xen Guest VM (including Dom0) Any Xen Guest VM (including Dom0) EL0 User Space User Space Device Tree describes … Kernel Kernel PV back I/O PV EL1 front HVC GT GIC v2 2 stage MMU EL2 Xen Hypervisor
ARM: Right Solution for Security ● Stays in ARM Hypervisor Mode – – Because Xen's architecture maps so well to the ARM architecture, Xen never has to use Kernel mode – Other hypervisors have to flip back and forth between modes – If a hypervisor has to enter Kernel mode, it loses the security of running in a privileged mode, isolated from the rest of the system – ● The ARM architecture has separate Hypervisor and Kernel modes This is a non-issue with the Xen Hypervisor on ARM Does not need to use device emulation – No emulation means a smaller attack surface for bad guys
For More Information... Detailed Info http://wiki.xenproject.org/wiki/Securing_Xen Thanks to George Dunlap for supplying much of the information presented here, and Stefano Stabellini for ARM information Center of the Xen universe: http://www.XenProject.org/ Contact me at russell.pavlicek@xenproject.org Thank You!
Securing Your Cloud With the Xen Hypervisor by Russell Pavlicek

Recommended

Linuxcon EU : Virtualization in the Cloud featuring Xen and XCP
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPLinuxcon EU : Virtualization in the Cloud featuring Xen and XCP
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPThe Linux Foundation
 
Securing your cloud with Xen's advanced security features
Securing your cloud with Xen's advanced security featuresSecuring your cloud with Xen's advanced security features
Securing your cloud with Xen's advanced security featuresThe Linux Foundation
 
BSDcon Asia 2015: Xen on FreeBSD
BSDcon Asia 2015: Xen on FreeBSDBSDcon Asia 2015: Xen on FreeBSD
BSDcon Asia 2015: Xen on FreeBSDThe Linux Foundation
 
BACD July 2012 : The Xen Cloud Platform
BACD July 2012 : The Xen Cloud Platform BACD July 2012 : The Xen Cloud Platform
BACD July 2012 : The Xen Cloud Platform The Linux Foundation
 
S4 xen hypervisor_20080622
S4 xen hypervisor_20080622S4 xen hypervisor_20080622
S4 xen hypervisor_20080622Todd Deshane
 
Aplura virtualization slides
Aplura virtualization slidesAplura virtualization slides
Aplura virtualization slidesThe Linux Foundation
 
Linaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMLinaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMThe Linux Foundation
 
XPDDS18: LCC18: Xen Project: After 15 years, What's Next? - George Dunlap, C...
XPDDS18: LCC18: Xen Project: After 15 years, What's Next? - George Dunlap, C...XPDDS18: LCC18: Xen Project: After 15 years, What's Next? - George Dunlap, C...
XPDDS18: LCC18: Xen Project: After 15 years, What's Next? - George Dunlap, C...The Linux Foundation
 

Recommended

Linuxcon EU : Virtualization in the Cloud featuring Xen and XCP
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPLinuxcon EU : Virtualization in the Cloud featuring Xen and XCP
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPThe Linux Foundation
 
Securing your cloud with Xen's advanced security features
Securing your cloud with Xen's advanced security featuresSecuring your cloud with Xen's advanced security features
Securing your cloud with Xen's advanced security featuresThe Linux Foundation
 
BSDcon Asia 2015: Xen on FreeBSD
BSDcon Asia 2015: Xen on FreeBSDBSDcon Asia 2015: Xen on FreeBSD
BSDcon Asia 2015: Xen on FreeBSDThe Linux Foundation
 
BACD July 2012 : The Xen Cloud Platform
BACD July 2012 : The Xen Cloud Platform BACD July 2012 : The Xen Cloud Platform
BACD July 2012 : The Xen Cloud Platform The Linux Foundation
 
S4 xen hypervisor_20080622
S4 xen hypervisor_20080622S4 xen hypervisor_20080622
S4 xen hypervisor_20080622Todd Deshane
 
Aplura virtualization slides
Aplura virtualization slidesAplura virtualization slides
Aplura virtualization slidesThe Linux Foundation
 
Linaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMLinaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMThe Linux Foundation
 
XPDDS18: LCC18: Xen Project: After 15 years, What's Next? - George Dunlap, C...
XPDDS18: LCC18: Xen Project: After 15 years, What's Next? - George Dunlap, C...XPDDS18: LCC18: Xen Project: After 15 years, What's Next? - George Dunlap, C...
XPDDS18: LCC18: Xen Project: After 15 years, What's Next? - George Dunlap, C...The Linux Foundation
 
LFCOLLAB15: Xen 4.5 and Beyond
LFCOLLAB15: Xen 4.5 and BeyondLFCOLLAB15: Xen 4.5 and Beyond
LFCOLLAB15: Xen 4.5 and BeyondThe Linux Foundation
 
Xen in the Cloud at SCALE 10x
Xen in the Cloud at SCALE 10xXen in the Cloud at SCALE 10x
Xen in the Cloud at SCALE 10xThe Linux Foundation
 
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...The Linux Foundation
 
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)The Linux Foundation
 
Why Choose Xen For Your Cloud?
Why Choose Xen For Your Cloud? Why Choose Xen For Your Cloud?
Why Choose Xen For Your Cloud? Todd Deshane
 
Xen Cloud Platform at Build a Cloud Day at SCALE 10x
Xen Cloud Platform at Build a Cloud Day at SCALE 10x Xen Cloud Platform at Build a Cloud Day at SCALE 10x
Xen Cloud Platform at Build a Cloud Day at SCALE 10x The Linux Foundation
 
LF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesLF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesThe Linux Foundation
 
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,PavlicekXen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,PavlicekThe Linux Foundation
 
Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)Russell Pavlicek
 
Xen time machine
Xen time machineXen time machine
Xen time machineThe Linux Foundation
 
Xen Project Update LinuxCon Brazil
Xen Project Update LinuxCon BrazilXen Project Update LinuxCon Brazil
Xen Project Update LinuxCon BrazilThe Linux Foundation
 
Performance Tuning Xen
Performance Tuning XenPerformance Tuning Xen
Performance Tuning XenThe Linux Foundation
 
Xen ATG case study
Xen ATG case studyXen ATG case study
Xen ATG case studyThe Linux Foundation
 
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...The Linux Foundation
 
XS Boston 2008 XenLoop
XS Boston 2008 XenLoopXS Boston 2008 XenLoop
XS Boston 2008 XenLoopThe Linux Foundation
 
XCP: The Art of Open Virtualization for the Enterprise and the Cloud
XCP: The Art of Open Virtualization for the Enterprise and the CloudXCP: The Art of Open Virtualization for the Enterprise and the Cloud
XCP: The Art of Open Virtualization for the Enterprise and the CloudThe Linux Foundation
 
Xen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization OpportunitiesXen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization OpportunitiesThe Linux Foundation
 
Xen 10th anniversary Status Report (at SELF 2013)
Xen 10th anniversary Status Report (at SELF 2013)Xen 10th anniversary Status Report (at SELF 2013)
Xen 10th anniversary Status Report (at SELF 2013)Russell Pavlicek
 
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...The Linux Foundation
 
Why xen slides
Why xen slidesWhy xen slides
Why xen slidesThe Linux Foundation
 
Scale 12x Securing Your Cloud with The Xen Hypervisor
Scale 12x Securing Your Cloud with The Xen HypervisorScale 12x Securing Your Cloud with The Xen Hypervisor
Scale 12x Securing Your Cloud with The Xen HypervisorThe Linux Foundation
 
LFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorLFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorThe Linux Foundation
 

More Related Content

What's hot

LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...The Linux Foundation
 
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)The Linux Foundation
 
Why Choose Xen For Your Cloud?
Why Choose Xen For Your Cloud? Why Choose Xen For Your Cloud?
Why Choose Xen For Your Cloud? Todd Deshane
 
Xen Cloud Platform at Build a Cloud Day at SCALE 10x
Xen Cloud Platform at Build a Cloud Day at SCALE 10x Xen Cloud Platform at Build a Cloud Day at SCALE 10x
Xen Cloud Platform at Build a Cloud Day at SCALE 10x The Linux Foundation
 
LF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesLF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesThe Linux Foundation
 
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,PavlicekXen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,PavlicekThe Linux Foundation
 
Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)Russell Pavlicek
 
Xen Project Update LinuxCon Brazil
Xen Project Update LinuxCon BrazilXen Project Update LinuxCon Brazil
Xen Project Update LinuxCon BrazilThe Linux Foundation
 
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...The Linux Foundation
 
XCP: The Art of Open Virtualization for the Enterprise and the Cloud
XCP: The Art of Open Virtualization for the Enterprise and the CloudXCP: The Art of Open Virtualization for the Enterprise and the Cloud
XCP: The Art of Open Virtualization for the Enterprise and the CloudThe Linux Foundation
 
Xen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization OpportunitiesXen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization OpportunitiesThe Linux Foundation
 
Xen 10th anniversary Status Report (at SELF 2013)
Xen 10th anniversary Status Report (at SELF 2013)Xen 10th anniversary Status Report (at SELF 2013)
Xen 10th anniversary Status Report (at SELF 2013)Russell Pavlicek
 
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...The Linux Foundation
 

What's hot (20)

LFCOLLAB15: Xen 4.5 and Beyond
LFCOLLAB15: Xen 4.5 and BeyondLFCOLLAB15: Xen 4.5 and Beyond
LFCOLLAB15: Xen 4.5 and Beyond
 
Xen in the Cloud at SCALE 10x
Xen in the Cloud at SCALE 10xXen in the Cloud at SCALE 10x
Xen in the Cloud at SCALE 10x
 
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
 
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)
Xen cloud platform v1.1 (given at Build a Cloud Day in Antwerp)
 
Why Choose Xen For Your Cloud?
Why Choose Xen For Your Cloud? Why Choose Xen For Your Cloud?
Why Choose Xen For Your Cloud?
 
Xen Cloud Platform at Build a Cloud Day at SCALE 10x
Xen Cloud Platform at Build a Cloud Day at SCALE 10x Xen Cloud Platform at Build a Cloud Day at SCALE 10x
Xen Cloud Platform at Build a Cloud Day at SCALE 10x
 
LF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and FuturesLF Collaboration Summit: Xen Project 4 4 Features and Futures
LF Collaboration Summit: Xen Project 4 4 Features and Futures
 
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,PavlicekXen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
 
Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)Securing Your Cloud with Xen (CloudOpen NA 2013)
Securing Your Cloud with Xen (CloudOpen NA 2013)
 
Xen time machine
Xen time machineXen time machine
Xen time machine
 
Xen Project Update LinuxCon Brazil
Xen Project Update LinuxCon BrazilXen Project Update LinuxCon Brazil
Xen Project Update LinuxCon Brazil
 
Performance Tuning Xen
Performance Tuning XenPerformance Tuning Xen
Performance Tuning Xen
 
Xen ATG case study
Xen ATG case studyXen ATG case study
Xen ATG case study
 
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
 
XS Boston 2008 XenLoop
XS Boston 2008 XenLoopXS Boston 2008 XenLoop
XS Boston 2008 XenLoop
 
XCP: The Art of Open Virtualization for the Enterprise and the Cloud
XCP: The Art of Open Virtualization for the Enterprise and the CloudXCP: The Art of Open Virtualization for the Enterprise and the Cloud
XCP: The Art of Open Virtualization for the Enterprise and the Cloud
 
Xen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization OpportunitiesXen PV Performance Status and Optimization Opportunities
Xen PV Performance Status and Optimization Opportunities
 
Xen 10th anniversary Status Report (at SELF 2013)
Xen 10th anniversary Status Report (at SELF 2013)Xen 10th anniversary Status Report (at SELF 2013)
Xen 10th anniversary Status Report (at SELF 2013)
 
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
 
Why xen slides
Why xen slidesWhy xen slides
Why xen slides
 

Similar to Securing Your Cloud With the Xen Hypervisor by Russell Pavlicek

Scale 12x Securing Your Cloud with The Xen Hypervisor
Scale 12x Securing Your Cloud with The Xen HypervisorScale 12x Securing Your Cloud with The Xen Hypervisor
Scale 12x Securing Your Cloud with The Xen HypervisorThe Linux Foundation
 
LFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorLFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorThe Linux Foundation
 
Securing your Cloud with Xen - SUSECon 2013
Securing your Cloud with Xen - SUSECon 2013Securing your Cloud with Xen - SUSECon 2013
Securing your Cloud with Xen - SUSECon 2013The Linux Foundation
 
Kernel Recipes 2014 - Xen as a foundation for cloud infrastructure
Kernel Recipes 2014 - Xen as a foundation for cloud infrastructureKernel Recipes 2014 - Xen as a foundation for cloud infrastructure
Kernel Recipes 2014 - Xen as a foundation for cloud infrastructureAnne Nicolas
 
V mwarev sphere5.1notes-v2
V mwarev sphere5.1notes-v2V mwarev sphere5.1notes-v2
V mwarev sphere5.1notes-v2karanamsaibabu
 
Xen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTXen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTThe Linux Foundation
 
Xen: Hypervisor for the Cloud - CCC13
Xen: Hypervisor for the Cloud - CCC13Xen: Hypervisor for the Cloud - CCC13
Xen: Hypervisor for the Cloud - CCC13The Linux Foundation
 
Open source hypervisors in cloud
Open source hypervisors in cloudOpen source hypervisors in cloud
Open source hypervisors in cloudChetna Purohit
 
IITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for InnovationIITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for InnovationThe Linux Foundation
 
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...The Linux Foundation
 
Xen Project Hypervisor for the Cloud
Xen Project Hypervisor for the CloudXen Project Hypervisor for the Cloud
Xen Project Hypervisor for the CloudThe Linux Foundation
 
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPOscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPThe Linux Foundation
 
Zero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenZero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenBitdefender Enterprise
 
Bare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for InnovationBare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for InnovationThe Linux Foundation
 
Docker San Diego 2015-03-25
Docker San Diego 2015-03-25Docker San Diego 2015-03-25
Docker San Diego 2015-03-25Casey Bisson
 
Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018The Linux Foundation
 
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld
 

Similar to Securing Your Cloud With the Xen Hypervisor by Russell Pavlicek (20)

Scale 12x Securing Your Cloud with The Xen Hypervisor
Scale 12x Securing Your Cloud with The Xen HypervisorScale 12x Securing Your Cloud with The Xen Hypervisor
Scale 12x Securing Your Cloud with The Xen Hypervisor
 
LFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorLFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project Hypervisor
 
Securing your Cloud with Xen - SUSECon 2013
Securing your Cloud with Xen - SUSECon 2013Securing your Cloud with Xen - SUSECon 2013
Securing your Cloud with Xen - SUSECon 2013
 
A Xen Case Study
A Xen Case StudyA Xen Case Study
A Xen Case Study
 
Kernel Recipes 2014 - Xen as a foundation for cloud infrastructure
Kernel Recipes 2014 - Xen as a foundation for cloud infrastructureKernel Recipes 2014 - Xen as a foundation for cloud infrastructure
Kernel Recipes 2014 - Xen as a foundation for cloud infrastructure
 
V mwarev sphere5.1notes-v2
V mwarev sphere5.1notes-v2V mwarev sphere5.1notes-v2
V mwarev sphere5.1notes-v2
 
Xen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTXen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XT
 
Xen: Hypervisor for the Cloud - CCC13
Xen: Hypervisor for the Cloud - CCC13Xen: Hypervisor for the Cloud - CCC13
Xen: Hypervisor for the Cloud - CCC13
 
Open source hypervisors in cloud
Open source hypervisors in cloudOpen source hypervisors in cloud
Open source hypervisors in cloud
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training
 
IITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for InnovationIITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
 
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
 
Xen Project Hypervisor for the Cloud
Xen Project Hypervisor for the CloudXen Project Hypervisor for the Cloud
Xen Project Hypervisor for the Cloud
 
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPOscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCP
 
Usenix Invited Talk
Usenix Invited TalkUsenix Invited Talk
Usenix Invited Talk
 
Zero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenZero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xen
 
Bare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for InnovationBare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for Innovation
 
Docker San Diego 2015-03-25
Docker San Diego 2015-03-25Docker San Diego 2015-03-25
Docker San Diego 2015-03-25
 
Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018
 
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
 

More from buildacloud

The Future of SDN in CloudStack by Chiradeep Vittal
The Future of SDN in CloudStack by Chiradeep VittalThe Future of SDN in CloudStack by Chiradeep Vittal
The Future of SDN in CloudStack by Chiradeep Vittalbuildacloud
 
Policy Based SDN Solution for DC and Branch Office by Suresh Boddapati
Policy Based SDN Solution for DC and Branch Office by Suresh BoddapatiPolicy Based SDN Solution for DC and Branch Office by Suresh Boddapati
Policy Based SDN Solution for DC and Branch Office by Suresh Boddapatibuildacloud
 
L4-L7 services for SDN and NVF by Youcef Laribi
L4-L7 services for SDN and NVF by Youcef LaribiL4-L7 services for SDN and NVF by Youcef Laribi
L4-L7 services for SDN and NVF by Youcef Laribibuildacloud
 
Jenkins, jclouds, CloudStack, and CentOS by David Nalley
Jenkins, jclouds, CloudStack, and CentOS by David NalleyJenkins, jclouds, CloudStack, and CentOS by David Nalley
Jenkins, jclouds, CloudStack, and CentOS by David Nalleybuildacloud
 
Intro to Zenoss by Andrew Kirch
Intro to Zenoss by Andrew KirchIntro to Zenoss by Andrew Kirch
Intro to Zenoss by Andrew Kirchbuildacloud
 
Guaranteeing Storage Performance by Mike Tutkowski
Guaranteeing Storage Performance by Mike TutkowskiGuaranteeing Storage Performance by Mike Tutkowski
Guaranteeing Storage Performance by Mike Tutkowskibuildacloud
 
Cloud Application Blueprints with Apache Brooklyn by Alex Henevald
Cloud Application Blueprints with Apache Brooklyn by Alex HenevaldCloud Application Blueprints with Apache Brooklyn by Alex Henevald
Cloud Application Blueprints with Apache Brooklyn by Alex Henevaldbuildacloud
 
Introduction to Apache CloudStack by David Nalley
Introduction to Apache CloudStack by David NalleyIntroduction to Apache CloudStack by David Nalley
Introduction to Apache CloudStack by David Nalleybuildacloud
 
Managing infrastructure with Application Policy by Mike Cohen
Managing infrastructure with Application Policy by Mike CohenManaging infrastructure with Application Policy by Mike Cohen
Managing infrastructure with Application Policy by Mike Cohenbuildacloud
 
Intro to Zenoss by Andrew Kirch
Intro to Zenoss by Andrew KirchIntro to Zenoss by Andrew Kirch
Intro to Zenoss by Andrew Kirchbuildacloud
 
Monitoring CloudStack in context with Converged Infrastructure by Mike Turnlund
Monitoring CloudStack in context with Converged Infrastructure by Mike TurnlundMonitoring CloudStack in context with Converged Infrastructure by Mike Turnlund
Monitoring CloudStack in context with Converged Infrastructure by Mike Turnlundbuildacloud
 
Rest api design by george reese
Rest api design by george reeseRest api design by george reese
Rest api design by george reesebuildacloud
 
Enterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevensEnterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevensbuildacloud
 
State of the cloud by reuven cohen
State of the cloud by reuven cohenState of the cloud by reuven cohen
State of the cloud by reuven cohenbuildacloud
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack buildacloud
 
Cloud Network Virtualization with Juniper Contrail
Cloud Network Virtualization with Juniper ContrailCloud Network Virtualization with Juniper Contrail
Cloud Network Virtualization with Juniper Contrailbuildacloud
 
Ian rae panel cloud stack & cloud storage where are we at, and where do we ne...
Ian rae panel cloud stack & cloud storage where are we at, and where do we ne...Ian rae panel cloud stack & cloud storage where are we at, and where do we ne...
Ian rae panel cloud stack & cloud storage where are we at, and where do we ne...buildacloud
 
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski buildacloud
 
CloudStack University by Sebastien Goasguen
CloudStack University by Sebastien GoasguenCloudStack University by Sebastien Goasguen
CloudStack University by Sebastien Goasguenbuildacloud
 
Building Scalable, Resilient Infrastructure on CloudStack by Sebastian Stadil
Building Scalable, Resilient Infrastructure on CloudStack by Sebastian StadilBuilding Scalable, Resilient Infrastructure on CloudStack by Sebastian Stadil
Building Scalable, Resilient Infrastructure on CloudStack by Sebastian Stadilbuildacloud
 

More from buildacloud (20)

The Future of SDN in CloudStack by Chiradeep Vittal
The Future of SDN in CloudStack by Chiradeep VittalThe Future of SDN in CloudStack by Chiradeep Vittal
The Future of SDN in CloudStack by Chiradeep Vittal
 
Policy Based SDN Solution for DC and Branch Office by Suresh Boddapati
Policy Based SDN Solution for DC and Branch Office by Suresh BoddapatiPolicy Based SDN Solution for DC and Branch Office by Suresh Boddapati
Policy Based SDN Solution for DC and Branch Office by Suresh Boddapati
 
L4-L7 services for SDN and NVF by Youcef Laribi
L4-L7 services for SDN and NVF by Youcef LaribiL4-L7 services for SDN and NVF by Youcef Laribi
L4-L7 services for SDN and NVF by Youcef Laribi
 
Jenkins, jclouds, CloudStack, and CentOS by David Nalley
Jenkins, jclouds, CloudStack, and CentOS by David NalleyJenkins, jclouds, CloudStack, and CentOS by David Nalley
Jenkins, jclouds, CloudStack, and CentOS by David Nalley
 
Intro to Zenoss by Andrew Kirch
Intro to Zenoss by Andrew KirchIntro to Zenoss by Andrew Kirch
Intro to Zenoss by Andrew Kirch
 
Guaranteeing Storage Performance by Mike Tutkowski
Guaranteeing Storage Performance by Mike TutkowskiGuaranteeing Storage Performance by Mike Tutkowski
Guaranteeing Storage Performance by Mike Tutkowski
 
Cloud Application Blueprints with Apache Brooklyn by Alex Henevald
Cloud Application Blueprints with Apache Brooklyn by Alex HenevaldCloud Application Blueprints with Apache Brooklyn by Alex Henevald
Cloud Application Blueprints with Apache Brooklyn by Alex Henevald
 
Introduction to Apache CloudStack by David Nalley
Introduction to Apache CloudStack by David NalleyIntroduction to Apache CloudStack by David Nalley
Introduction to Apache CloudStack by David Nalley
 
Managing infrastructure with Application Policy by Mike Cohen
Managing infrastructure with Application Policy by Mike CohenManaging infrastructure with Application Policy by Mike Cohen
Managing infrastructure with Application Policy by Mike Cohen
 
Intro to Zenoss by Andrew Kirch
Intro to Zenoss by Andrew KirchIntro to Zenoss by Andrew Kirch
Intro to Zenoss by Andrew Kirch
 
Monitoring CloudStack in context with Converged Infrastructure by Mike Turnlund
Monitoring CloudStack in context with Converged Infrastructure by Mike TurnlundMonitoring CloudStack in context with Converged Infrastructure by Mike Turnlund
Monitoring CloudStack in context with Converged Infrastructure by Mike Turnlund
 
Rest api design by george reese
Rest api design by george reeseRest api design by george reese
Rest api design by george reese
 
Enterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevensEnterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevens
 
State of the cloud by reuven cohen
State of the cloud by reuven cohenState of the cloud by reuven cohen
State of the cloud by reuven cohen
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack
 
Cloud Network Virtualization with Juniper Contrail
Cloud Network Virtualization with Juniper ContrailCloud Network Virtualization with Juniper Contrail
Cloud Network Virtualization with Juniper Contrail
 
Ian rae panel cloud stack & cloud storage where are we at, and where do we ne...
Ian rae panel cloud stack & cloud storage where are we at, and where do we ne...Ian rae panel cloud stack & cloud storage where are we at, and where do we ne...
Ian rae panel cloud stack & cloud storage where are we at, and where do we ne...
 
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
 
CloudStack University by Sebastien Goasguen
CloudStack University by Sebastien GoasguenCloudStack University by Sebastien Goasguen
CloudStack University by Sebastien Goasguen
 
Building Scalable, Resilient Infrastructure on CloudStack by Sebastian Stadil
Building Scalable, Resilient Infrastructure on CloudStack by Sebastian StadilBuilding Scalable, Resilient Infrastructure on CloudStack by Sebastian Stadil
Building Scalable, Resilient Infrastructure on CloudStack by Sebastian Stadil
 

Recently uploaded

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 

Recently uploaded (20)

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 

Securing Your Cloud With the Xen Hypervisor by Russell Pavlicek

  • 1. Securing Your Cloud With the Xen Hypervisor Russell Pavlicek Xen Project Evangelist Citrix Systems
  • 2. Who is the Old, Fat Geek Up Front? ● Xen project Evangelist ● Employed by Citrix, focused entirely on Xen project ● History with open source begins in 1995 ● Former columnist for Infoworld, Processor magazines ● ● Former panelist on The Linux Show, repeat guest on The Linux Link Tech Show Over 150 pieces published, one book on open source, plus blogs
  • 3. Presentation Goals ● Introduce the subject of security in the Cloud ● Introduce you to the Xen Project Security Tools ● Discuss some key Xen security features ● Get you started in the right direction toward securing your Xen installation
  • 4. Presentation Outline ● A few thoughts on the problem of securing the Cloud ● Overview of the Xen architecture ● Brief introduction to the principles of security analysis ● Examine some of the attack surfaces and the Xen features we can use to mitigate them: – Driver Domains – PVgrub – Stub Domains – Paravirtualization (PV) versus Hardware Virtualization (HVM) – FLASK example policy
  • 5. Introduction: Xen Project, The Cloud, and Security
  • 6. Introduction: Xen Project and Security ● Xen project produces an enterprise-grade Type 1 hypervisor ● Built for the cloud before it was called cloud ● A number of advanced security features – Driver domains, stub domains, FLASK, and more – Most of them are not (or cannot) be turned on by default – Although they can be simple to use, sometimes they appear complicated
  • 7. The Cloud Security Conundrum ● Cloud Security: The 800lb Gorilla in the room – Nothing generates more fear in specific, and FUD in general – Probably the single greatest barrier to Cloud adoption – Immediately behind it is the inability to get out of the 20th century IT mindset – Must get past the “Change is Bad” concept of 1980 – Cloud is about embracing change at a rapid pace The good news: the “Gorilla” is actually a “Red Herring” ● ● We don't need to fear it – we just need to solve it
  • 8. Cloud Security: New Visibility to an Old Problem ● ● ● ● Security has always been an IT issue Putting a truly secure system in the open does not reduce its security, it just increases the frequency of attack Unfortunately, system security behind the firewall has not always been comprehensive Having solutions in an external cloud forces us to solve the security issues we should have already solved News Flash: Security Through Obscurity is Dead
  • 9. Use Security by Design, Not by Wishful Thinking ● Security by wishful thinking no longer works – – Addressing security in one area while ignoring others is NOT good enough – ● Merely hoping that your firewall holds off the marauding hordes is NOT good enough Saying, “We never had a problem before” is NOT good enough Comprehensive security starts with design – It needs to be planned carefully and thought through – It needs to be implemented at multiple levels – It needs components which are themselves securable
  • 10. Xen Project: Security by Design ● Xen Project was designed for clouds before the term “cloud” was ever coined in the industry – http://www.cl.cam.ac.uk/research//srg/netos/xeno/publi cations.html Xen is designed to thwart attacks from many attack vectors, using different defensive techniques – ● Designers foresaw the day of “infrastructure for wide-area distributed computing” which we now call “the cloud”
  • 11. Basic Architecture of the Xen Hypervisor
  • 12. Hypervisor Architectures Type 1: Bare metal Hypervisor A pure Hypervisor that runs directly on the hardware and hosts Guest OS’s. VMn VM1 VM0 Guest OS and Apps Hypervisor Host HW Device Drivers/ Models I/O Memory Scheduler MMU CPUs Provides partition isolation + reliability, higher security
  • 13. Hypervisor Architectures Type 1: Bare metal Hypervisor Type 2: OS ‘Hosted’ A pure Hypervisor that runs directly on the hardware and hosts Guest OS’s. A Hypervisor that runs within a Host OS and hosts Guest OS’s inside of it, using the host OS services to provide the virtual environment. VMn VM1 VM0 User-level VMM User Apps Device Models Guest OS and Apps Hypervisor Host HW I/O Memory Scheduler MMU CPUs Provides partition isolation + reliability, higher security Device Drivers Host HW VM0 Guest OS and Apps Host OS Device Drivers/ Models VMn VM1 I/O Ring-0 VM Monitor “Kernel “ Memory CPUs Low cost, no additional drivers Ease of use and installation
  • 14. Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor VMn VM1 VM0 Guest OS and Apps Hypervisor Host HW Device Drivers/ Models I/O Memory Scheduler MMU CPUs
  • 15. Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor XEN Architecture VMn VM1 VMn VM1 VM0 Guest OS and Apps Hypervisor Host HW Device Drivers/ Models I/O Memory VM0 Guest OS and Apps Scheduler MMU CPUs MMU Scheduler Host HW I/O Memory CPUs
  • 16. Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor VMn VM1 VM0 Guest OS and Apps Hypervisor Host HW Device Drivers/ Models I/O Memory Scheduler MMU CPUs XEN Architecture Control domain (dom0) VMn VM1 Device Models VM0 Drivers Guest OS and Apps Linux & BSD MMU Scheduler Host HW I/O Memory CPUs
  • 19. An Approach to Security Thinking ● Threat models: – – ● Attacker can access network Attacker controls one Guest VM Security considerations to evaluate: – – What is the interface like? (e.g., pointers vs scalars) – ● How much code is accessible? Defense-in-depth: how many rings of defense surround you? Then combine security tactics to secure the installation – There is no single "magic bullet" – Individual tactics reduce danger; combined tactics go farther
  • 20. Example System For This Discussion ● Hardware setup – – ● Two networks: one Control network, one Guest network IOMMU with interrupt remapping (AMD or Intel VT-d v2) to allow for full hardware virtualization (HVM) Default configuration – Network drivers in the Control Domain (aka "Domain 0" or just "Dom0") – Paravirtualized (PV) guests using PyGrub (grub-like boot utility within context of Guest Domain) – Hardware Virtualized (HVM) guests using Qemu (as the device model) running in the Control Domain
  • 23. Attack Surface: Network Path ● Where might an exploit focus? – Bugs in hardware driver – Bugs in bridging / filtering – Bugs in netback (via the ring protocol) ● ● Netback and Netfront are part of the Paravirtualization mode Note the exploits – The main exploits exist already, even in hardware – The netback surface is very small, but needs to be acknowledged – When these are attacked in hardware, you have deep trouble – You actually have better defense in the VM than in hardware
  • 24. Result: Network Path Compromised
  • 25. Result: Network Path Compromised Vulnerability Analysis: What could a successful exploit yield? Control of Domain 0 kernel This could lead to the control of the whole system
  • 27. Security Feature: Driver Domains ● What is a Driver Domain? – Unprivileged VM which drives hardware – It provides driver access to guest VMs – Very limited scope; not a full operating system – Does not have the access or capability of a full VM
  • 28. Result: Driver Domain Compromised
  • 29. Result: Driver Domain Compromised ● Now a successful exploit could yield: – Control of the Driver Domain (Paravirtualization hypercall interface) ● – But the Driver Domain is limited: no shell, no utilities Control of that guest's network traffic ● But in the cloud, most orchestrators detect network traffic failure ● The problem is not allowed to stand very long – Control of the network interface card (NIC) – An opportunity to attack the netfront of other guest VMs ● ● But to take advantage of this platform, you need to launch another attack Compound attacks are complex, and they take time which you may not have
  • 30. Basic How To: Driver Domains ● Create a VM with appropriate drivers – ● Install the Xen-related hotplug scripts – ● ● Use any distribution suitable as a Control Domain Just installing the Xen tools in the VM is usually good enough Give the VM access to the physical NIC with PCI passthrough Configure the network topology in the Driver Domain – Just like you would for the Control Domain
  • 31. Basic How To: Driver Domains ● Configure the guest Virtual Network Interface (vif) to use the new domain ID – Add “backend=domnet” to vif declaration vif = [ 'type=pv, bridge=xenbr0, backend=domnet' ] Detailed Info http://wiki.xenproject.org/wiki/Driver_Domain
  • 32. Attacking the PyGrub Boot Loader
  • 34. Attack Surface: PyGrub ● What is PyGrub? – – ● “grub” implementation for Paravirtualized guests A Python program running in Control Domain What does it do? – It reads the guest VM's filesystem – It parses grub.conf – It displays a boot menu to the user – It passes the selected kernel image to domain builder
  • 36. Attack Surface: PyGrub ● Where might an exploit focus? – – Bugs in menu parser – ● Bugs in file system parser Bugs in domain builder Again, note the exploits – Forms of these exist in hardware as well – But hardware doesn't have as many options to combat the situation
  • 38. Result: PyGrub Compromised Vulnerability Analysis: What could a successful exploit yield? Control of Domain 0 user space This could lead to the control of the whole system
  • 40. Security Feature: Fixed Kernels ● What is a fixed kernel? – Passing a known-good kernel from Control Domain ● ● – ● No longer allows a user to choose the kernel Best practice for anything in production Removes attacker avenue to domain builder Disadvantages – Host administrator must keep up with kernel updates – Guest admin can't pass kernel parameters or custom kernels
  • 42. Security Feature: PVgrub ● What is PVgrub? – MiniOS plus the Paravirtualized port of “grub” running in a guest context – Paravirtualized equivalent of Hardware Virtualized combination of BIOS plus grub
  • 43. Result: PVgrub Compromised Vulnerability Analysis: Now a successful exploit could yield: Control of the attacked Guest Domain alone Control Domain is no longer at risk
  • 44. Basic HowTo: PVgrub ● Make sure that you have the PVgrub image – – Normally lives in “/usr/lib/xen/boot” – SUSE SLES: Currently need to build for yourself – Included in Fedora Xen packages – ● “pvgrub-$ARCH.gz” Debian-based: need to build yourself Use appropriate PVgrub as bootloader in guest configuration: – kernel="/usr/lib/xen/boot/pvgrub-x86_32.gz" See http://wiki.xenproject.org/wiki/Pvgrub
  • 45. Attacking the Qemu Device Model
  • 46. Attack Surface: Device Model (Qemu)
  • 47. Attack Surface: Device Model (Qemu) ● What is Qemu? – – ● In other contexts, a virtualization provider In the Xen Project context, a provider of needed device models Where might an exploit focus? – Bugs in NIC emulator parsing packets – Bugs in emulation of virtual devices
  • 48. Result: Device Model Compromised Vulnerability Analysis: What could a successful exploit yield? Control Domain privileged user space This could lead to the control of the whole system
  • 49. Security Feature: Qemu Stub Domains ● What is a stub domain? – Stub domain: a small “service'' domain running just one application – Qemu stub domain: run each Qemu in its own domain
  • 50. Result: Stub Domain Compromised Vulnerability Analysis: Now a successful exploit could yield: Control only of the stub domain VM (which, if FLASK is employed, is a relatively small universe) You need to devise another attack entirely to do anything more significant
  • 51. Basic HowTo: Qemu Stub Domains ● Make sure that you have the ioemu image: – – Normally lives in “/usr/lib/xen/boot” – SUSE SLES, currently need to build it yourself (SLES 12?) – Included in Fedora Xen packages – ● “ioemu-$ARCH.gz” On Debian (and offshoots), you will need to build it yourself Specify stub domains in your guest configuration: device_model_stubdomain_override = 1 Detailed Info http://wiki.xenproject.org/wiki/Device_Model_Stub_Domains
  • 53. Attack Surface: Xen Hypervisor Itself ● Where might an exploit focus? – On Paravirtualized (PV) Guests: – PV Hypercalls On full Hardware Virtualized (HVM) Guests: ● HVM hypercalls (Subset of PV hypercalls) ● Instruction emulation (MMIO, shadow pagetables) ● Emulated platform devices: APIC, HPET, PIT ● Nested virtualization Security practice: Use PV VMs whenever possible ● ●
  • 54. Using the Xen Security Module
  • 55. Security Feature: FLASK Policy ● What is FLASK? – Xen Security Module (XSM): Xen equivalent of LSM – FLASK: FLux Advanced Security Kernel – Framework for XSM developed by NSA – Xen equivalent of SELinux – Uses same concepts and tools as SELinux – Allows a policy to restrict hypercalls
  • 56. Security Feature: FLASK Policy ● What can FLASK do? – – ● Basic: Restricts hypercalls to those needed by a particular guest Advanced: Allows more fine-grained granting of privileges FLASK example policy – This contains example roles for the Control Domain (dom0), User/Guest Domain(domU), stub domains, driver domains, etc. – Make sure you TEST the example policy in your environment BEFORE putting it into production! NOTE: As an example policy, it is not as rigorously tested as other parts of Xen during release; make sure it is suitable for you
  • 57. Basic HowTo: FLASK Example Policy ● Build Xen with XSM enabled ● Build the example policy ● Add the appropriate label to guest config files: – “seclabel=[foo]” – “stubdom_label=[foo]” Detailed Info http://wiki.xenproject.org/wiki/Xen_Security_Modules_:_XSM-FLASK
  • 59. Xen + ARM = A Perfect Match ARM Architecture Features for Virtualization ARM SOC User mode : EL0 Device Tree describes … Kernel mode : EL1 I/O Hypercall Interface HVC GT GIC v2 2 stage MMU Hypervisor mode : EL2
  • 60. Xen + ARM = A Perfect Match ARM Architecture Features for Virtualization ARM SOC EL0 Device Tree describes … EL1 I/O HVC GT GIC v2 2 stage MMU EL2 Xen Hypervisor
  • 61. Xen + ARM = A Perfect Match ARM Architecture Features for Virtualization ARM SOC Any Xen Guest VM (including Dom0) Any Xen Guest VM (including Dom0) EL0 User Space User Space Device Tree describes … Kernel Kernel EL1 I/O HVC GT GIC v2 2 stage MMU EL2 Xen Hypervisor
  • 62. Xen + ARM = A Perfect Match ARM Architecture Features for Virtualization ARM SOC Dom0 Dom0 only Any Xen Guest VM (including Dom0) Any Xen Guest VM (including Dom0) EL0 User Space User Space Device Tree describes … Kernel Kernel PV back I/O PV EL1 front HVC GT GIC v2 2 stage MMU EL2 Xen Hypervisor
  • 63. ARM: Right Solution for Security ● Stays in ARM Hypervisor Mode – – Because Xen's architecture maps so well to the ARM architecture, Xen never has to use Kernel mode – Other hypervisors have to flip back and forth between modes – If a hypervisor has to enter Kernel mode, it loses the security of running in a privileged mode, isolated from the rest of the system – ● The ARM architecture has separate Hypervisor and Kernel modes This is a non-issue with the Xen Hypervisor on ARM Does not need to use device emulation – No emulation means a smaller attack surface for bad guys
  • 64. For More Information... Detailed Info http://wiki.xenproject.org/wiki/Securing_Xen Thanks to George Dunlap for supplying much of the information presented here, and Stefano Stabellini for ARM information Center of the Xen universe: http://www.XenProject.org/ Contact me at russell.pavlicek@xenproject.org Thank You!