Virtual Machines Xen and Terra Rajan Palanivel. Xen and Terra : Papers Xen and the art of virtualization. -Univ. of Cambridge Terra: A VM based platform.

Presentation transcript:

Virtual Machines Xen and Terra Rajan Palanivel

Xen and Terra: Papers. Xen and the Art of Virtualization (Univ. of Cambridge). Terra: A VM based platform for trusted computing (Stanford Univ.).

Virtual Machine and Advantages. Multiplexing the real machine into multiple “virtual” machines. The general architecture consists of a software layer (the monitor) that exposes VMs; various “guest” OSs run on these VMs. Some advantages: 1. Concurrent execution of different OSs, and hence different applications, on the same hardware. 2. Resource isolation. 3. Upgrading OS software to a different version without losing the ability to run an older legacy OS and its applications.

Types of Monitor. The monitor runs at a higher privilege level than the guest OS. Sensitive/privileged instructions (ex: MOV). Monitors are classified by how many of the guest OS instructions are executed by the monitor and how many by the real hardware: CSIM (Complete Software Interpreter Machine), Hybrid VM (HVM) and VMM. VMM: requires that a “statistically dominant subset of the virtual processor instructions be executed on the real processor” (Type 1 and Type 2). Xen is a Type 1 VMM.

Type 1 and Type 2 VMMs. Type I VMM: runs directly on hardware; good performance. Layers, bottom to top: Hardware, Virtual Machine Monitor, Guest Operating System, Guest Process. Type II VMM: uses existing host OS abstractions to implement services; poor performance. Layers, bottom to top: Hardware, Host Operating System, Virtual Machine Monitor, Guest Operating System, Guest Process.

Full Virtualization. No modification is required for the guest OS (VMware’s ESX Server). Drawbacks (esp. on x86): 1. Sensitive instructions fail without traps. 2. Needs dynamic rewriting of the OS kernel. 3. Shadow system structures (keeping the virtual and shadow structures in sync is a performance issue). 4. The guest OS may need both virtual and real resources (time: TCP timeouts and RTT; machine addresses for superpages, etc.).

Xen: Para Virtualization. The exposed hardware is similar but not identical to the real machine. OS modifications are required. The ABI is not changed (guest apps run without changes). High performance. Xen hypervisor.

Xen

Xen – CPU. The Xen hypervisor runs in ring 0. The guest OS runs at a lower privilege level (ring 1). Privileged and sensitive instructions are paravirtualized by requiring them to be validated and executed by the hypervisor. The guest OS protects itself from its own processes by running in a separate address space (and at a separate privilege level). Trap/exception handlers are registered with Xen for validation (Xen checks that the code segment of the handlers will not run in ring 0). Fast exception handlers for system calls.

Xen – Memory Management. Initial memory allocation: 1. Static allocation for each domain. 2. Dynamic expansion/contraction is possible. Virtualizing memory is complicated on x86: 1. The x86 MMU handles TLB misses by searching through the page table in hardware (no soft TLB support). 2. TLB flush on context switches (no tagged TLB support).

Xen – Memory Management. Virtual address translation: page tables are allocated and managed by guest OSs but restricted to read-only access. Updates are validated and applied by Xen (via hypercalls). Xen associates a type and a reference count with each machine page frame (PD, PT, LDT, GDT, RW). Xen exists in a 64 MB section at the top of every address space (a TLB flush is avoided when entering/leaving the hypervisor). Page fault handling (CR2 register): predetermined location.
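An added example (not from the slides and not Xen's own code) of the type and reference count rule, modelled in Python: a frame in use as a page table cannot gain a writable mapping, and a frame that has a writable mapping cannot be registered as a page table. It assumes only the PT and RW types; the class and method names are this example's own.

```python
class Frames:
    """Constructed model of Xen's per-frame type and reference count."""

    def __init__(self, owners):
        self.owner = dict(owners)              # frame number -> owning domain
        self.type = {f: None for f in owners}  # PT or RW while count > 0
        self.count = {f: 0 for f in owners}
        self.pte = {f: {} for f in owners}     # entries of frames used as PTs

    def _get(self, dom, frame, want):
        # A frame keeps a single type for as long as its count is non-zero.
        if self.owner.get(frame) != dom:
            raise PermissionError(f"frame {frame} is not owned by {dom}")
        if self.count[frame] and self.type[frame] != want:
            raise PermissionError(f"frame {frame} is in use as {self.type[frame]}")
        self.type[frame] = want
        self.count[frame] += 1

    def _put(self, frame):
        self.count[frame] -= 1
        if self.count[frame] == 0:
            self.type[frame] = None            # free to be re-typed

    def pin_page_table(self, dom, frame):
        """Guest registers one of its frames as a page table."""
        self._get(dom, frame, "PT")

    def mmu_update(self, dom, pt, index, target, writable):
        """Hypercall path: the only way a guest changes a page-table entry."""
        if self.owner.get(pt) != dom or self.type[pt] != "PT":
            raise PermissionError(f"frame {pt} is not a page table of {dom}")
        if writable:
            self._get(dom, target, "RW")       # refused for page-table frames
        elif self.owner.get(target) != dom:
            raise PermissionError(f"frame {target} is not owned by {dom}")
        old = self.pte[pt].pop(index, None)
        if old and old[1]:
            self._put(old[0])                  # drop the replaced RW reference
        self.pte[pt][index] = (target, writable)


def denied(call, *args):
    """True when the validation rejects the request."""
    try:
        call(*args)
        return False
    except PermissionError:
        return True
```

Read-only mappings of a page-table frame are still accepted, which matches the slide: the guest can read its page tables but changes them only through the validated path.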

Control / Data / Timers. Hypercalls: synchronous calls from a domain to the hypervisor; domains perform privileged operations via hypercalls. Events: asynchronous notifications delivered from Xen to domains (used for delivering h/w interrupts). Data transfer goes through descriptor rings (producer–consumer). Time and timers: real, virtual and wall-clock.

Xen - Network. Xen provides a virtual firewall-router (VFR). Each domain has one or more VIFs (virtual interfaces) logically attached to the VFR. VFR has rules of the form. Two I/O buffer descriptor rings (transmit and receive). Transmit: the domain updates the transmit descriptor ring. Xen copies the descriptor and the packet header. The header is inspected by the VFR. The payload is not copied (scatter-gather). Pages are pinned until completion. Receive: Xen multiplexes/firewalls using the VFR and avoids copying by page flipping.

I/O Ring (Transmit or Receive)
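An added example (not code from the slides or from Xen) of the transmit path described above, in Python: Xen reads the shared producer index once, copies the descriptor and packet header, and applies the VFR rules to its copies, so the header that was filtered is the header that is sent. The ring layout, the 4-byte header, the (pattern, action) rule shape with a default of drop, and all names are assumptions of the example.

```python
HDR_LEN = 4      # constructed: a 4-byte source address is the whole header
RING_SIZE = 8    # constructed ring size

class TxRing:
    """Constructed model of a transmit descriptor ring shared by guest and Xen."""
    def __init__(self):
        self.slots = [None] * RING_SIZE
        self.req_prod = 0    # advanced by the guest (untrusted)
        self.req_cons = 0    # advanced by Xen only
        self.pinned = set()  # pages held until transmit completion

def guest_enqueue(ring, page):
    """Guest side: publish a descriptor that points at a packet page."""
    if ring.req_prod - ring.req_cons >= RING_SIZE:
        return False                       # ring full
    ring.slots[ring.req_prod % RING_SIZE] = {"page": page}
    ring.req_prod += 1
    return True

def vfr_action(rules, header):
    """First matching (pattern, action) rule wins; no match means drop."""
    for pattern, action in rules:
        if header.startswith(pattern):
            return action
    return "drop"

def xen_transmit(ring, memory, rules):
    """Xen side: copy descriptor and header first, then filter the copies."""
    prod = ring.req_prod                   # read the shared index once
    if not 0 <= prod - ring.req_cons <= RING_SIZE:
        raise ValueError("producer index out of range")
    queued = []
    while ring.req_cons != prod:
        desc = dict(ring.slots[ring.req_cons % RING_SIZE])   # private copy
        ring.req_cons += 1
        if desc["page"] not in memory:
            continue                       # descriptor names no guest page
        header = bytes(memory[desc["page"]][:HDR_LEN])       # private copy
        if vfr_action(rules, header) == "allow":
            ring.pinned.add(desc["page"])
            queued.append((header, desc["page"]))
    return queued

def complete(ring, memory, queued):
    """Send the copied header plus the in-place payload, then unpin."""
    frames = [hdr + bytes(memory[page][HDR_LEN:]) for hdr, page in queued]
    ring.pinned.clear()
    return frames
```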

Control and Management. Management software runs on a special guest OS (domain 0). The parameters to manage include access control (for I/O devices), the amount of physical memory per domain, VFR rules, etc. Management software uses control interfaces provided by Xen.

Xen – Relative Performance

Xen – Network Performance

Xen - Performance. Multiple Apache processes in Linux vs. one Apache process in each guest OS.

Terra: Goals. The goal is to run applications with a wide range of security requirements simultaneously. Multiple closed platforms on general-purpose hardware. The software stack is tailored from the hardware interface up to meet the security requirements of its applications. Isolation and authentication.

Terra - TVMM. Trusted VMM (TVMM). Facilitates open-box and closed-box VMs. An open-box VM runs regular commodity applications. Closed-box VMs provide hardware memory protection (isolation) and cryptographic authentication (attestation). The TVMM acts as a trusted party to authenticate the software running in a VM to remote parties.

Terra – Architecture. Two VM abstractions (open and closed). The contents of a closed box cannot be inspected or manipulated by the platform owner. Provides isolation, extensibility, efficiency, compatibility and security. Extra features of Terra: Root Secure, Attestation and Trusted Path.

Terra - Architecture

Terra – Attestation and VM Identity. Attestation: an application in a closed-box VM authenticates itself to remote parties. It authenticates who built the hardware and what layers of software are running on the machine, by building a certificate chain (H/w -> BIOS -> boot loader -> TVMM -> VM -> Apps). Terra uses tamper-resistant hardware (TPM) with an embedded private key.

Terra – Attestation (figure: Hardware, Firmware, Boot Loader, TVMM and VM layers, with the labels “ENDORSE API call” and “signed certificate”).

Terra: Example Attestation. TLS/SSL session between Quicken and a remote bank server. The client sends the attestation certificate chain during the TLS handshake. The server checks that: 1. The lowest certificate (of h/w) in the chain is from a trusted authority. 2. All hashes in the chain are on the remote server’s list of authorized software (trustable BIOS, boot loader, TVMM). 3. The topmost certificate (containing the hash of Quicken) is on the list of authorized versions. If all the checks are valid, then TLS is completed and the session key exchanged.
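An added example (not Terra's code) of the remote server's three checks over the certificate chain, in Python. Lamport one-time signatures built from SHA-256 stand in for the platform's TPM-rooted keys so that it runs on the standard library alone; the key seeds, component names and result strings are constructed.

```python
import hashlib

def h(data):
    return hashlib.sha256(data).digest()

# Lamport one-time signatures (standard library only) stand in for the
# TPM-rooted keys of the real platform; each key here signs one certificate.
def keygen(seed):
    sk = [[h(seed + bytes([b, i])) for i in range(256)] for b in (0, 1)]
    return sk, [[h(s) for s in row] for row in sk]

def bits(msg):
    d = int.from_bytes(h(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[b][i] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        h(s) == pk[b][i] for i, (b, s) in enumerate(zip(bits(msg), sig)))

def body(cert):
    """Bytes covered by the signature: name, component hash, subject key."""
    return cert["name"].encode() + cert["hash"] + b"".join(cert["pk"][0] + cert["pk"][1])

def build_chain(images, ca_sk):
    """Each layer endorses the hash and public key of the layer above it."""
    chain, signer = [], ca_sk
    for name, image in images:
        sk, pk = keygen(b"constructed key for " + name.encode())
        cert = {"name": name, "hash": h(image), "pk": pk}
        cert["sig"] = sign(signer, body(cert))
        chain.append(cert)
        signer = sk
    return chain

def verify_chain(chain, ca_pk, layer_hashes, app_hashes):
    """The remote server's checks: trusted root, allowed layers, allowed app."""
    signer = ca_pk
    for i, cert in enumerate(chain):
        if not verify(signer, body(cert), cert["sig"]):
            return "bad signature: " + cert["name"]
        allowed = app_hashes if i == len(chain) - 1 else layer_hashes
        if i > 0 and cert["hash"] not in allowed:
            return "not authorized: " + cert["name"]
        signer = cert["pk"]
    return "ok"
```

The hardware certificate (index 0) is covered by the trusted-authority check only; every certificate above it must also carry a hash from the server's lists.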

Privacy. The attestation process identifies the machine! (privacy concerns). Privacy CA (PCA): the user’s machine sends an attested cert request to the PCA, and the PCA issues an anonymized cert for attestation. Other issues: DRM etc. – media servers may release content only to platforms that would prevent copying, expire the media after a certain time, etc.

Terra – Device Driver Security. Drivers have the most security holes. Hardware memory protection + chipset protection can prevent drivers from DMAing to other address spaces. NGSCB architecture: 1. Runs in curtained memory protected from DMA attacks and from the untrusted OS. 2. Leverages device drivers of the untrusted OS (running in an open-box VM) via an explicit interface in the untrusted OS kernel.

Q & A.