[Cryptography] trojans in the firmware

grarpamp grarpamp at gmail.com
Thu Feb 19 14:58:15 PST 2015


On Thu, Feb 19, 2015 at 2:17 AM, Mirimir <mirimir at riseup.net> wrote:
> https://www.virtualbox.org/manual/ch09.html#rawdisk
>
> Given that, I'm assuming that when using VDIs, the host OS doesn't allow
> VMs to directly access physical disks. And I don't see how a VM could
> reconfigure itself for raw hard disk access to the host disk, because
> doing so would such access to its own config.

The link is saying different than that.
VM VDI is just a backing file on the host OS FS, opcodes likely fail here,
note in link how VM supplies fake disk VPD to guest OS.
Host OS often runs VM as root and even may assist by loading VM kernel module.
VMs can thus pass through host OS devices to guest OS if so configured,
and if so, VM probably does not filter any opcodes, particularly if
passing an entire physical disk.
Also consider what VT-d is doing regarding sharing physical devices.
So you'd still want opcode filtering in kernel in those cases.
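
For the passthrough case raised in the message above, a host-side audit can tell file-backed images apart from images that map straight onto a host block device. This is an added example, not part of the original post: it assumes the text VMDK descriptor layout (a `createType` line followed by extent lines) used for raw-disk images, and the function name and sample descriptors are constructed for illustration.

```python
import re

# Constructed sample descriptors (not taken from any real host).
WHOLE_DISK = '''# Disk DescriptorFile
version=1
createType="fullDevice"
RW 976773168 FLAT "/dev/sdb" 0
'''
PARTITIONED = '''createType="partitionedDevice"
RW 63 FLAT "guest-pt.vmdk" 0
RW 204800 FLAT "/dev/sda" 63
RW 1000000 ZERO
'''
FILE_BACKED = '''createType="monolithicSparse"
RW 4192256 SPARSE "guest.vmdk"
'''

CREATE_RE = re.compile(r'^createType\s*=\s*"([^"]+)"')
EXTENT_RE = re.compile(r'^(RW|RDONLY|NOACCESS)\s+(\d+)\s+\w+(?:\s+"([^"]*)")?')
# Unix device nodes and Windows \\.\PhysicalDriveN style paths.
DEVICE_PREFIXES = ("/dev/", "\\\\.\\")

def audit_descriptor(text):
    """Report whether a VMDK descriptor maps the guest disk onto host devices."""
    create_type, devices = None, []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        m = CREATE_RE.match(line)
        if m:
            create_type = m.group(1)
            continue
        m = EXTENT_RE.match(line)
        if m and m.group(3) and m.group(3).startswith(DEVICE_PREFIXES):
            devices.append((m.group(1), int(m.group(2)), m.group(3)))
    return {
        "create_type": create_type,
        # Flag on either signal so an edited createType line cannot hide a device extent.
        "raw_passthrough": create_type in ("fullDevice", "partitionedDevice") or bool(devices),
        "whole_disk": create_type == "fullDevice",
        "writable_devices": sorted({d[2] for d in devices if d[0] == "RW"}),
    }

if __name__ == "__main__":
    for name, text in [("whole", WHOLE_DISK), ("part", PARTITIONED), ("file", FILE_BACKED)]:
        print(name, audit_descriptor(text))
```

Guests whose descriptors come back with `raw_passthrough` set are the ones where host-side opcode filtering matters, since their disk commands reach a physical device rather than a backing file.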


