[Cryptography] trojans in the firmware

Mirimir mirimir at riseup.net
Thu Feb 19 16:35:43 PST 2015


On 02/19/2015 03:58 PM, grarpamp wrote:
> On Thu, Feb 19, 2015 at 2:17 AM, Mirimir <mirimir at riseup.net> wrote:
>> https://www.virtualbox.org/manual/ch09.html#rawdisk
>>
>> Given that, I'm assuming that when using VDIs, the host OS doesn't allow
>> VMs to directly access physical disks. And I don't see how a VM could
>> reconfigure itself for raw hard disk access to the host disk, because
>> doing so would require such access to its own config.
> 
> The link is saying different than that.
> VM VDI is just a backing file on the host OS FS, opcodes likely fail here,
> note in link how VM supplies fake disk VPD to guest OS.
> Host OS often runs VM as root and even may assist by loading VM kernel module.

VirtualBox in Linux doesn't require root rights. I just checked htop on
the host, and all VM processes are running as user. And visudo shows
nothing about VirtualBox.

> VMs can thus pass through host OS devices to guest OS if so configured,
> and if so, VM probably does not filter any opcodes, particularly if
> passing an entire physical disk.

How would I test that? I suppose that I could set up a VM to boot from an
HDD, and then see if I can flash the HDD's firmware. But I'm not the
NSA, and so only success would be probative. But hey, I'll take a shot.

> Also consider what VT-d is doing regarding sharing physical devices.
> So you'd still want opcode filtering in kernel in those cases.

I see that VirtualBox can use VT-d passthrough for PCI devices, such as
NICs, and maybe displays. But don't see any mention of VT-d for disks
and CD/DVD. I do see that QEMU can do more of that, however.



More information about the cypherpunks mailing list