Without reading the article:
- virtual devices can't write to hypervisor memory as there is no guest
physical backing for those pages (software virt. only; there is no
hypervisor mapping for VT-x/AMD-V)
- if they mean host device passthru: we don't support that
On 12/10/2010 12:54 PM, Josh x90 wrote:
Hello all,
I have an interest in virtualisation security and I've been reading into the
potential DMA access security issues in virtualisation.
According to one presentation:
(http://www.research.ibm.com/haifa/conferences/systor2010/present/2_2_3_presentation.pdf)
"- Untrusted guest programs a device, without any supervision.
- Device is DMA capable (all modern devices are).
- Which means the guest can program the device to
overwrite any memory location.
- Including where the hypervisor lives . . . game over."
How does DMA access work in VirtualBox? I've been unable to find any
information on this.
Is VirtualBox vulnerable to this kind of attack?
All thoughts and links to relevant information are appreciated!
Cheers,
Josh
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
http://vbox.innotek.de/mailman/listinfo/vbox-dev
--
Kind regards / Mit freundlichen Gruessen / Met vriendelijke groet
--
Sander van Leeuwen | Senior Staff Engineer, VirtualBox
Oracle Virtualization
ORACLE Deutschland B.V. & Co. KG | Werkstrasse 24 | 71384 Weinstadt
ORACLE Deutschland B.V. & Co. KG
Hauptverwaltung: Riesstr. 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603
Komplementärin: ORACLE Deutschland Verwaltung B.V.
Rijnzathe 6, 3454PV De Meern, Niederlande
Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
Geschäftsführer: Jürgen Kunz, Marcel van de Molen, Alexander van der Ven
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
http://vbox.innotek.de/mailman/listinfo/vbox-dev