From: Marcelo Araujo
Reply-To: araujo@freebsd.org
Date: Fri, 25 May 2018 16:07:03 +0800
Subject: Re: bhyve client: who is hosting me?
To: Daniel Braniss
Cc: Darius Mihai, freebsd-virtualization@freebsd.org
List-Id: "Discussion of various virtualization techniques FreeBSD supports."

2018-05-25 16:05 GMT+08:00 Daniel Braniss:

> > On 25 May 2018, at 10:02, Darius Mihai wrote:
> >
> > On Fri, May 25, 2018 at 9:08 AM Daniel Braniss wrote:
> >
> >> Hi,
> >> I’m trying out bhyve with different setups, but mainly FreeBSD (11.2 and 12), and
> >> was wondering if there is any way for the client to know who is hosting it?
> >>
> >> thanks,
> >> danny
> >
> > Hi,
> >
> > What do you mean 'knowing who is hosting it?'
> > If you mean obtaining information such as IP address or hostname of the
> > host from inside the guest operating system, it should not be possible and
> > is likely a security flaw if it were allowed by default.
>
> ok, so not by default, but is there a way?
> I don’t know why this is a security flaw - maybe security by obscurity? in any case
> since the client knows that it’s running as a bhyve client, (hw.hv_vendor), again, if
> this is also a security flaw, it could be set/reset when the client is being configured?
>
> thanks,
> danny

Maybe you can use virtio-console and bhyve-vm-goagent?
https://github.com/freenas/bhyve-vm-goagent

Best,

> > Operating systems should ideally be unable to determine even that the
> > system is a virtual machine instead of a hardware based host; however since
> > bhyve uses VirtIO devices and other virtualization mechanisms due to
> > performance issues you are indeed able to determine that the OS is running
> > in a virtual machine. More specific information should be impossible to
> > obtain if not injected by the host (e.g., running a web server on the host
> > with some information, adding a virtual block device with a configuration
> > file, and so on).
> >
> > Darius

--
Marcelo Araujo
araujo@FreeBSD.org
http://www.FreeBSD.org
Power To Server.
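
What a guest can learn with no cooperation from the host, as an added example that is not part of the original thread: on x86 the hypervisor vendor string discussed above (hw.hv_vendor) is read from the CPUID hypervisor leaf, which any guest code can query. The function names are illustrative, and the signature "bhyve bhyve " used in the comments is the assumed bhyve value; nothing identifying the host itself (name, address) is exposed this way.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Store a 32-bit register value as 4 little-endian bytes. */
static void put_le32(char *p, uint32_t v)
{
    for (int i = 0; i < 4; i++)
        p[i] = (char)((v >> (8 * i)) & 0xff);
}

/* Build the 12-byte vendor signature from the EBX, ECX, EDX values that
 * CPUID leaf 0x40000000 returns, trimming trailing spaces and NULs.
 * Assumed bhyve signature before trimming: "bhyve bhyve ". */
void hv_sig_from_regs(uint32_t ebx, uint32_t ecx, uint32_t edx, char out[13])
{
    put_le32(out, ebx);
    put_le32(out + 4, ecx);
    put_le32(out + 8, edx);
    out[12] = '\0';
    for (int i = 11; i >= 0 && (out[i] == ' ' || out[i] == '\0'); i--)
        out[i] = '\0';
}

/* Returns 1 and fills sig when the hypervisor-present bit is set
 * (CPUID leaf 1, ECX bit 31); returns 0 otherwise or on non-x86 builds. */
int hv_detect(char sig[13])
{
    sig[0] = '\0';
#if defined(__x86_64__) || defined(__i386__)
    unsigned int a, b, c, d;
    __cpuid(1, a, b, c, d);
    if (!(c & (1u << 31)))
        return 0;                       /* bare metal, or the bit is hidden */
    __cpuid(0x40000000, a, b, c, d);    /* hypervisor vendor leaf */
    hv_sig_from_regs(b, c, d, sig);
    return 1;
#else
    return 0;
#endif
}

int main(void)
{
    char sig[13];
    if (hv_detect(sig))
        printf("hypervisor present, signature \"%s\"\n", sig);
    else
        printf("hypervisor bit not set\n");
    return 0;
}
```

Anything beyond this signature has to be injected by the host, for example over the virtio-console channel suggested in the reply.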