From: Daniel Braniss
To: Darius Mihai
Cc: freebsd-virtualization@freebsd.org
Subject: Re: bhyve client: who is hosting me?
Date: Fri, 25 May 2018 11:05:09 +0300

> On 25 May 2018, at 10:02, Darius Mihai wrote:
>
> On Fri, May 25, 2018 at 9:08 AM Daniel Braniss wrote:
>
>> Hi,
>> I’m trying out bhyve with different setups, but mainly FreeBSD (11.2 and 12), and
>> was wondering if there is any way for the client to know who is hosting it?
>
>> thanks,
>> danny
>
> Hi,
>
> What do you mean 'knowing who is hosting it?'
> If you mean obtaining information such as IP address or hostname of the
> host from inside the guest operating system, it should not be possible and
> is likely a security flaw if it were allowed by default.

ok, so not by default, but is there a way?
i don’t know why this is a security flaw - maybe security by obscurity?
in any case since the client knows that it’s running as a bhyve client
(hw.hv_vendor), again, if this is also a security flaw, it could be
set/reset when the client is being configured?

thanks,
danny

>
> Operating systems should ideally be unable to determine even that the
> system is a virtual machine instead of a hardware based host; however since
> bhyve uses VirtIO devices and other virtualization mechanisms due to
> performance issues you are indeed able to determine that the OS is running
> in a virtual machine. More specific information should be impossible to
> obtain if not injected by the host (e.g., running a web server on the host
> with some information, adding a virtual block device with a configuration
> file, and so on).
>
> Darius