This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] VMM detection

To: Wu Bingzheng <wubingzheng@xxxxxxx>
Subject: Re: [Xen-devel] VMM detection
From: Jun Koi <junkoi2004@xxxxxxxxx>
Date: Fri, 6 Mar 2009 11:04:22 +0900
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 05 Mar 2009 18:04:47 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=ZTgxKr1eFD6MXdYrjDzJTi2p/AI6dCj8HwRo2cdV/8U=; b=Byhi6FM3mOajtvLodOopTSzcb++Et0Gb91hAe/QLfqEwLXXfjjMQBOMO06xEbqle4f IE2Mzfa3GVhHuo2YW6VnftfwOprdfIzpGjLrSHbeAwHrrQpfGZIOH0hGSfHdH6hWPwXL KP6Y7E0SiRfG/Xe7nHGUDa6cL18thTwgscRio=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=V6VPqt28HazD+TfTOiSMKaUyZZuHmRhitIcvN6wkWiruI5+vHPTlPL+JHGX8hPVwMI htorFNys54Pa4wcv2GDmJqF4gogai+cE9eVZNmuOKAdUaZK36Ecu/8YUSNQktqkb5dfJ /F4tIYD9QgPZbfMYXdU0I12OkPY2uArtFk9/Q=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <C5D53FD4.433B%keir.fraser@xxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <28765877.152741236222954953.JavaMail.coremail@xxxxxxxxxxxxxxxxxx> <C5D53FD4.433B%keir.fraser@xxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
On Thu, Mar 5, 2009 at 5:37 PM, Keir Fraser <keir.fraser@xxxxxxxxxxxxx> wrote:
> On 05/03/2009 03:15, "Wu Bingzheng" <wubingzheng@xxxxxxx> wrote:
>> So do you mean that in HVM guest, the SGDT will get the GDT of guest, but not
>> Xen?
>> It lists 17 instructions in Pentium instruction set, which is virtualization
>> sensitive
>> and unprivileged, including SGDT, at paper named
>> Analysis of the IntelPentium's Ability to Support aSecure Virtual Machine
>> Monitor
>> <http://www.usenix.org/events/sec00/full_papers/robin/robin_html/index.html>.
>> Using these instructions, we can detect VMM on a PV guest.
>> I want to know if we can use these instructions to detect VMM on a HVM guest.
> No, they behave 'natively' when running as an HVM guest. The guest cannot
> easily tell it is running on a VMM.

It is not difficult if you look else where. For ex, HVM uses Bochs
BIOS, and that is a clear evidence.

There are already a lot of papers proved that it is impossible to hide
the fact that your machine is virtual. You can search on Usenix
website, for example.


Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>