From owner-freebsd-virtualization@freebsd.org Fri May 25 08:33:32 2018 Return-Path: Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DDF83F761CC for ; Fri, 25 May 2018 08:33:31 +0000 (UTC) (envelope-from dariusmihaim@gmail.com) Received: from mail-qk0-x242.google.com (mail-qk0-x242.google.com [IPv6:2607:f8b0:400d:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 53C2E7803E; Fri, 25 May 2018 08:33:31 +0000 (UTC) (envelope-from dariusmihaim@gmail.com) Received: by mail-qk0-x242.google.com with SMTP id h140-v6so3471765qke.2; Fri, 25 May 2018 01:33:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=sEvFUo4Z67Chi8SAvfhogc9lqESxAoea6t2qj7XgXr0=; b=OUHDm3s2DX47Mt5G8hFX8lkN2k1Aam4Cy/pFmKtxWETodwz+8Mm6VKP0++efmd0To/ 7IlWICYMFkMqeu3pZXERAMTRzYRmyMXbAQeRxZXD4hPSOCn5Et4mgl7BHZ5Csd1PrJiF Q0zdfpw57Q279n1cpe763htfdNpjxI8rtZ+YviTBu4syT2i+11c1L9hIiaCUfuaVTWwN M35UWN2q9Sn+n230/sxfkfhvAikTfYRPngcgFdveVuH5rzZYFZ5BNbytdMlhxotbiSJH Tvnxog8Pkh9U7EIrANUTstgUrp8oeIevhgDy/t1QO3rC7ZQawWttPjHcduHWtqRwaqu6 /P7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=sEvFUo4Z67Chi8SAvfhogc9lqESxAoea6t2qj7XgXr0=; b=qSPNzK8bP/B5li4HC18OWNYBUnxgLIA+7DhOsFE5mh2Ay1jsFJtjaMAqJfFuvdZfpu 31EIx3YmX6rMxVf7B933oQXgKltiuK7ZCPAsObCozrFi+/1jsURs+w076KumsZ3Fwd5S oLYqwtHKY2232e/S9VWLteYJt/zyWhUFnrNzzMYTeAalPWxoBdIkpsYEwAbVyzrSWRf8 iFDKJNMeVOt4xflQ3mDuFoXtLcWBfGo0fSs+bvhC2g4Fuwsgng28FDuWu14A8K/KfgEi AD2Bh3pmwhcJ11ndb1S6nll/xPdl2emdBAzHnaI6YNS2LUmi0EhsyXRu0buzMJDGcFqX ZWQg== X-Gm-Message-State: ALKqPweVvCFSucGTJj+biYidVpznIxmA8Rv7f1cAD1NYp/k2VMgLRHJl hhzN2DiOpAsLePcPQdhmH+PpYDXnT35F8WYzlic= X-Google-Smtp-Source: ADUXVKIwHgctoT/OtNzjmlaCyJKHL81xfpGx3Ee2GVX12R6lfBzB4/yXy/0XFXQm5gIhf3+vhf76iffjKECmbw0tgV4= X-Received: by 2002:a37:8202:: with SMTP id e2-v6mr1120369qkd.202.1527237210807; Fri, 25 May 2018 01:33:30 -0700 (PDT) MIME-Version: 1.0 References: <49FCEBE6-5551-42C1-8A9F-5F84ECAD0581@cs.huji.ac.il> <8B1DEC42-1B40-4957-AEB6-2D9BA019287F@cs.huji.ac.il> In-Reply-To: From: Darius Mihai Date: Fri, 25 May 2018 11:32:54 +0300 Message-ID: Subject: Re: bhyve client: who is hosting me? To: araujo@freebsd.org Cc: danny@cs.huji.ac.il, freebsd-virtualization@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 May 2018 08:33:32 -0000 On Fri, May 25, 2018 at 11:07 AM Marcelo Araujo wrote: > 2018-05-25 16:05 GMT+08:00 Daniel Braniss : >> > On 25 May 2018, at 10:02, Darius Mihai wrote: >> > >> > On Fri, May 25, 2018 at 9:08 AM Daniel Braniss wrote: >> > >> >> Hi, >> >> I=E2=80=99m trying out bhyve with different setups, but mailny FreeBS= D (11.2 and >> > 12), and >> >> was wondering if there is any way for the client to know who is hosting >> > it? >> > >> >> thanks, >> >> danny >> > >> > Hi, >> > >> > What do you mean 'knowing who is hosting it?' >> > If you mean obtaining information such as IP address or hostname of th= e >> > host from inside the guest operating system, it should not be possible and >> > is likely a security flaw if it were allowed by default. >> ok, so not by default, but is there a way? >> i don=E2=80=99t know why this is a security flaw - maybe security by obs= curity? in any case >> since the client knows that it=E2=80=99s running as a bhive client, (hw.hv_vendor), again, if >> this is also a security flaw, it could be set/reset when the client is being configured? Not really security by obscurity. The virtual machine should be a standalone construct that leaks no outside information to a malicious entity (e.g., a compromised HTTP server that an attacker used to obtain root permissions on the virtual machine). That being said, some information (e.g., that the OS is running as a virtual machine) is required by specific drivers for virtual devices with increased performance (e.g., networking without vtnet is almost unusable; vtnet is a VirtIO device that declares a specific device number to the driver). This information is considered largely harmless, since you cannot obtain information on host IP address, name, hardware resources, host operating system version and applications, etc., but may require rework in the future if exploits based on it emerge. >> thanks, >> danny > Maybe you can use virtio-console and bhyve-vm-goagent? > https://github.com/freenas/bhyve-vm-goagent I'm not sure about how this works; on the readme it says you can read guest information. If it is bidirectional, it is similar to the webserver idea I had in mind. > Best, >> > >> > Operating systems should ideally be unable to determine even that the >> > system is a virtual machine instead of a hardware based host; however since >> > bhyve uses VirtIO devices and other virtualization mechanisms due to >> > performance issues you are indeed able to determine that the OS is running >> > in a virtual machine. More specific information should be impossible t= o >> > obtain if not injected by the host (e.g., running a web server on the host >> > with some information, adding a virtual block device with a configuration >> > file, and so on). >> > >> > Darius >> > >> >> _______________________________________________ >> >> freebsd-virtualization@freebsd.org mailing list >> >> https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization >> >> To unsubscribe, send any mail to " >> > freebsd-virtualization-unsubscribe@freebsd.org" >> _______________________________________________ >> freebsd-virtualization@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization >> To unsubscribe, send any mail to " freebsd-virtualization-unsubscribe@freebsd.org" > -- > -- > Marcelo Araujo (__) > araujo@FreeBSD.org \\\'',) > http://www.FreeBSD.org \/ \ ^ > Power To Server. .\. /_) Darius