Re: [libvirt] Looking for Hypervisor Vulnerability Example



> James Morris' presentation is referring to this published demonstration
> of exploiting Xen a few years ago
> 
>   http://www.securityfocus.com/archive/1/497376
>   http://invisiblethingslab.com/resources/misc08/xenfb-adventures-10.pdf
> 
> The key difference sVirt makes is at chapter 3.4 in the paper.
> 
> In Xen world, there was a single SELinux domain (xend_t) that covered
> XenD and all the QEMU processes. Since all VMs & XenD ran as the same
> context, any exploited QEMU process in Xen, could access any other
> guest disks, as well as any host disks.
> 
> In the KVM + sVirt world, every QEMU process is separated by a dedicated
> MCS category on its SELinux context. The disks assigned to a guest are
> labelled with the same MCS category. This means that an exploited QEMU
> can only access disks which were explicitly assigned to it, and cannot
> access the host disk devices. This prevents the step in that paper
> where they overwrite various key files in the host OS root filesystem
> 
> Regards,
> Daniel
> 
Cool!
Is there any well documented KVM exploit that can be reproduced without too much trouble, assuming SELinux (sVirt) is turned off? Then I can demonstrate the effect of sVirt by turning it on.
Thank you very much.

Shi
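
The labelling scheme described in the quoted reply can be modelled as two checks, type enforcement and then MCS category dominance. The following is an added example, not part of either message and not libvirt or kernel code; the allow-list is a reduced, constructed stand-in for the real policy, and all contexts and category numbers are constructed sample values.

```python
# Simplified model of the access decision for a QEMU process under SELinux.
# Step 1: type enforcement (is this process type allowed this object type?).
# Step 2: MCS (process categories must be a superset of the object's).

# Constructed, reduced allow-list. The xend_t rows model the single-domain
# Xen setup as the quoted message describes it (assumption, not real policy).
ALLOWED_TYPES = {
    ("svirt_t", "svirt_image_t"),
    ("xend_t", "xen_image_t"),
    ("xend_t", "fixed_disk_device_t"),
}

def parse_context(ctx):
    """Split 'user:role:type:level[:categories]' into (type, category set)."""
    parts = ctx.split(":")
    if len(parts) < 4:
        raise ValueError(f"not an MCS-style context: {ctx!r}")
    cats = set()
    if len(parts) > 4 and parts[4]:
        for item in parts[4].split(","):
            if "." in item:                      # range such as c0.c1023
                lo, hi = item.split(".")
                cats.update(range(int(lo[1:]), int(hi[1:]) + 1))
            else:                                # single category such as c107
                cats.add(int(item[1:]))
    return parts[2], cats

def may_access(proc_ctx, file_ctx):
    """Return (allowed, reason) for a process context touching an object."""
    ptype, pcats = parse_context(proc_ctx)
    ftype, fcats = parse_context(file_ctx)
    if (ptype, ftype) not in ALLOWED_TYPES:
        return False, "type enforcement"
    if not fcats <= pcats:
        return False, "MCS category mismatch"
    return True, "allowed"

# Constructed sample labels.
VM1       = "system_u:system_r:svirt_t:s0:c107,c434"
VM1_DISK  = "system_u:object_r:svirt_image_t:s0:c107,c434"
VM2_DISK  = "system_u:object_r:svirt_image_t:s0:c222,c900"
HOST_DISK = "system_u:object_r:fixed_disk_device_t:s0"
XEN_QEMU  = "system_u:system_r:xend_t:s0"
XEN_DISK  = "system_u:object_r:xen_image_t:s0"

if __name__ == "__main__":
    for proc in (VM1, XEN_QEMU):
        for obj in (VM1_DISK, VM2_DISK, HOST_DISK, XEN_DISK):
            print(proc.split(":")[2], "->", obj.split(":", 2)[2], may_access(proc, obj))
```

In this model the host disk carries no categories, so the MCS check alone would pass; it is the type check that keeps `svirt_t` away from it, while the category check is what separates one guest's image from another's.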
