VMM Security Kernel =================== What is goal of DEC VMM project Goal: Build production-quality A1 system Approach: Build VM monitor that emulates hardware. Hardware interface simpler than OS, and evolves less Can then run multiple OSes on top of VMM Why not just build API emulator for VMS OS? As hard as building the VMS operating system itself Won't evolve with VMS Want to run applications written for other OSes like Ultrix Virtual machines General idea - Use virtual machines to exploit hardware protection: VMM runs in most privileged hardware mode OS runs on top of VMM in less privileged mode VMM catches and fixes anything the OS does that would: - Detect that it is not running in the highest security level - Access a raw hardware device - Violate the security of the VMM How does Vax vax protection work? user, supervisor, executive, kernel First two used by user code, last two by OS Building a VMM for the Vax What is required for an architecture to be fully virtualizable? *Sensitive* instruction reveals/modifies privileged state of processor All sensitive instructions & accesses to sensitive data must trap Is Vax fully virtualizable? No Some instructions sensitive but not privileged (don't trap) PROBER/W - test if mem region accessible at some privilege level Used to sanity-check arguments from calls by less privileged levels MOVPSL - read proc status word, including current privilege level Why is this sentitive? Because only VMM executes at most priv'd level Page tables can be modified without trapping to VMM How? E.g., the Modified bit is set on a write VMS uses all 4 protection rings, would need 5th for VMM Solve first two by modifying microcode Extra bit in PSL indicates VM status Fake PSL, VMPSL, contains emulated PSL Causes sensitive instructions to trap Solve third with ``ring compression'' Run both kernel and executive code in the executive Why is this OK? Lucky: VMS kernel happens to trust executive anyway Executive used for robustness, not security Support for I/O Device drivers in the OSes will no longer work VMM guards access to hardware Does it just emulate a real device? No On Vax, would be expensive because requires many writes to phys mem What do they do instead? Basically write operation descriptions to regular memory Then poke VMM with a single instruction that traps VOL/F11F layers in software emulate disk devices Implemented out of contiguously allocated files in a simplified file system Exchangeable volumes: use same format as regular OS Security kernel volumes: can contain mixed-label data Security architecture What are Subjects in the system? Users and VMs What are Objects? Devices, memory, disk and tape volumes What are security levels (access classes) in system? 8-bit security and integrity levels 64-bits each of secrecy/integrity category-set Secure attention key lets user communicate with directly TCB Invoking the VMM VMs can make two calls into VMM: OPERATE - mount/unmount volumes, etc. SET_ACL - change ACL on an object Users can perform many more operations Connect/disconnect from virtual machines Invoke privileges (e.g., change password, downgrade, ...) Problem: Don't want complicated parser in TCB But users want features like shell history, etc. Solution: User types security commands to untrusted OS VMM requires user to press secure attention key VMM then confirms arguments actually passed to it Example: Go over Figure 5. Do modern systems do this? Sort of - E.g., windows requires Ctrl-Alt-Del to change password This is actually a very important principle Make sure users always know what they are authorizing How might you share files between different security levels? E.g., say you want to incorporate secret file in top secret report Could mount an exchangeable secret volume read-only in top secret VM But what if secret VM is concurrently modifying file system? OS in top secret VM might not expect disk to be modified Or could store data in a security kernel volume But these aren't really general purpose file systems Maybe have to coordinate between two VMs. Unmount read-write in secret VM to mount in top secret Or explicitly copy data to specially allocated file in sec kern vol How does declassification work? A user needs DOWNGRADE_SECRECY privileges Issues SECURE command for reclassifying VMM actually sanity checks contents of data Must be text plus line feeds No extra spaces allowed at end of lines User must manually inspect file, then approve Also DOWNGRADE privileges, which might allow downgrade of arbitrary data How was project managed from software engineering standpoint? Highly-layered design (see p. 9) Lower layers prohibited from calling up (except event counts) Aggressive sanity checking across abstraction layers All freed memory set to 1s Memory sections separated by guard pages Avoid use of global pools (minimizes possibility of storage channels) Size data structures at boot time Formal methods, as required by orange book Extensive design reviews What language did they use & why? First PL/I, then Pascal. Some assembly for performance Mostly driven by quality of the available compilers Should they have used C? Probably not, because error-prone string libs High-security development environment System developed on itself Locked cage inside locked room Was it worth it? System was almost 10 years in the making For about 50,000 lines of code (see Fig. 3) Never became a product Does it sound like something you would want to use? Not even a graphical user interface Maybe in 1981 when the project started