Key Thieves Disturb the Peaceful Xen Garden

What is the sound of one VM hacking?  Quite the racket of interprocess interrupts!

Virtualization is an absolute requirement for cloud computing. Researchers are now discovering new ways to subvert virtualization.

This is big.

Most operating systems tinkerers are familiar with so-called Type 2 or Hosted virtualization.  This is something like VMware Player (or Workstation or Server), or QEMU, or VirtualBox.  These are applications that run on top of a host operating system.  You install Linux on the hardware, then add vmplayer, and then you can run Windows inside a virtual machine.

That’s handy for desktop use, but it isn’t how the cloud providers do it!

The cloud providers use Type 1 or “bare metal” virtualization, like Xen, VMware ESX, Linux KVM, or Microsoft’s Hyper-V.  In Type 1 virtualization, the hypervisor runs directly on the hardware.

For some time we had a false sense of comfort. The only known exploits subverted Type 2 virtualization, but they did not work at all against Type 1. The first examples took the form of escaping, usually through abuse of communication channels. Examples included Escaping From The Virtualization Cave and An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments.

Then there was work on attacking the hypervisor itself, as in On the Cutting Edge: Thwarting Virtual Machine Detection, Attacking Xen: DomU vs. Dom0 consideration, Our Xen 0wning Trilogy Highlights, and Xen Episode IV: The Guests still Strike Back.

Now things have changed.

The paper Cross-VM Side Channels and Their Use to Extract Private Keys presents a major advance in virtualization attacks. As the authors conclude in their Introduction, “We thus believe that our work serves as a cautionary note for those who rely on virtualization for guarding highly sensitive secrets of many types, as well as motivation for the research community to endeavor to improve the isolation properties that modern VMMs provide to a range of applications.”

I have a lot more detail on a page on my site, but a really brief summary is that they show how they can use an aggressively scheduled but non-privileged process running on one virtual machine to steal information about a process running on another virtual machine using the same processor core.

Specifically, they manage to infer some sequences of machine instructions from their observations of the behavior of the CPU’s L1 cache. If the target is doing ElGamal cryptography using the typical implementation, a sequence of machine instructions reveals a sequence of key bits. Over a period of six hours in which the target was largely doing ElGamal cryptography, they stole a large fraction of the private key. They were left with a brute-force search of just 9,862 possibilities to find the actual private key.

You could complain that their demonstration made a number of assumptions to reduce the difficulty of the attack. There were just two VMs running on a small number of virtualized CPU cores. The target was doing an awful lot of ElGamal cryptography and little else. But these aren’t required to make the attack possible; they just make it much more practical and their demonstration less tedious.

Learning Tree’s Cloud Security Essentials course discusses the security issues of co-residency with unknown and possibly hostile virtualized instances, and it points out how Dedicated Instances are available and may be required. Yes, they cost more, but they may be a requirement.

Bob Cromwell
