I know the developers at ITL have their hands busy with this right issue right now, but I have a (long winded) curiosity question in hope to gain some context when you get a chance to think about it.

I can see that in this particular potential exploit one might use a client vm's PCI device to exploit an emulated instruction, then used to generate a memory offset that potentially could be used as a pointer to break out of the Xen hypervisor jail. Correct?

My question here would be whether the Xen FLASK subsystem might have given some level of protections against this kind of "emulated" instruction exploit, given that labeling of virtual devices and memory is supported (e.g. flask-label-pci). I realize you may need to give client VMs access to pci devices in general, and this particular pci label does not protect against use of pointers to memory, but could the client call then be restricted to just the necessary IO memory in this case, and thus forcing an AVC denial fault when that generated pointer is actually used outside that range? Or are these emulated instructions running in a hypervisor context that would ignore its own FLASK policy?

I am merely asking the above because when it comes to security I am definitely a belt and suspenders kind of person. My way of thinking would be to instrument the system such that the FLASK subsystem, in both the client VM's and in Xen itself, would feed back into an active intrusion detection mechanism, so that any fault could instantly freeze a client VM for forensic analysis purposes.

An intruder is going to try certain things, like jiggling door knobs so to speak, and in this particular case just trying to access any pci device that has not explicit permissions set, the system would trap the intruders process, caught right in the very act of trying to take ownership of the hypervisor. Exploit code still loaded in memory, source code possibly still available, network context still in tack. Game over. You loose. Please try again!


From the Xen FLASK docs:

"Device Labeling in Policy
-------------------------

FLASK is capable of labeling devices and enforcing policies associated with them. There are two methods to label devices: dynamic labeling using flask-label-pci or similar tools run in dom0, or static labeling defined in policy. Static labeling will make security policy machine-specific and may prevent the system from booting after any hardware changes (adding PCI cards, memory, or even changing certain BIOS settings). Dynamic labeling requires that the domain performing the labeling be trusted to label all the devices in the system properly."

and...

"The AVC denials for IRQs, memory, ports, and PCI devices will normally contain the ranges being denied to more easily determine what resources are required. When running in permissive mode, only the first denial of a given source/destination is printed to the log, so labeling devices using this method may require multiple passes to find all required ranges."


My thoughts. In the default permissive mode (in XSM:FLASK & SELinux) all avc's generated could be collected and used to auto-generate a security policy file (e.g audit2allow) specifically for that particular system and installed software. When installing a new subsystem a user would place the system/clientVM in this special collection mode, run and exercise the system for a period of time to allow all the proper avc's to be identified, then run the avc's it collected back through a policy generator. Last of all they install that new security policy and activate it. This way the system knows all features that user/system needs explicit permissions for, and anything outside of that set would by default create avc events that either centrally warn the owner of a potential intrusion or for just certain faults, immediately freeze the intruders client VM process in place. Carbonite the exploit toolkit right in place.

The absolute worst possible situation to be in is being hacked _and_ not knowing it. A good mechanism for detection is paramount if you want to prevent that. You may not be able to prevent software bugs from being exploited, but you don't need to give the intruder the chance to clean you out and take it all. Active policy could simply slam the lid on the cookie jar and limit the damage done.

In Qubes we deliberately give sudo/root capability by default to the general user, which is great for the user, but not so great if an intruder knows how to become persistent and invisible within a VM. That is rather easy once you have used Qubes and understand its file system design. If they are editing /rw/usr/local, and it were labeled as off limits for write by root, and the system actively trapped an intruders attempt to hook into it, then we would all be much better off not needing to do useless tripwire on everything, and wasting valuable CPU time while still missing the files the rootkit has been actively hiding. APT is likely preventable if you have the tools to trap their initial probes and exploits rather than log them, and while we watch, the logs just get removed to clean up behind them. If we don't know to check a log before its removed then what has it accomplished? The answer is it needs to be event driven, and then perform active measures in response to any detectable tampering. Not all is detectable, but a lot of it is.

I realize Joanna has previously expressed her opinion about SELinux being pretty much useless for prevention of intrusions, in comparison to the protections that the hypervisor provides. I would agree with that. But, what I also think is that we are missing out on a good set of intrusion detection tools, and that a stock Qubes system simply built and set up in permissive mode by default might be just the ticket for the development of an active exploit detection system. We would just need a way to collect all those events into some kind of a policy rule based decision making service and act on certain high risk events. This likely needs Xen support of some kind, or an RPC mechanism for passing events back from the client to be evaluated. If a user wants active protections they just need to put it in 'learning mode' for a while and then turn on the new policy for active protection going forward.

We all know ITL developers have their hands full with what you already have on your plate. We users appreciate everything you do, and I for one would love to see what can be done to improve on a few things and give back to the community. I have not yet built Qubes from scratch, and as dynamic as the development changes have been I had been holding off. If this does not run counter to the goals of ITL I may look into this one day, and hopefully it will help prevent other future such exploits like this one from being successful. Your thoughts would be appreciated.


Thanks again for all that you do,

Steve

On 11/22/2016 07:44 AM, Marek Marczykowski-Górecki wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Dear Qubes users,

We have just released a new Qubes Security Bulletin (QSB #27):

https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-027-2016.txt

- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJYND2gAAoJENuP0xzK19csZDEH/3khwJcaCdDCLuueMOxQD41D
pA0/uTck63+SvwcUTaCDldWD4RznX4H4F/JQvZz4xjv/xHDkPkeWC9PlGU+g9k+m
yr9U7ae33tLmSrYS/rinVtu0dJp4ttY3iisr2S+3/ZjU7ZFM46fPhMkXQnUcMrI/
ezSfyLVDWHC/LdmYoKZ6mNHZUN3ioILPmb6NsS1cIOA6aEB6XuFdgdq0DvnoIusb
Shb7h6eGiX4K2WhmToem5g2zg5DsVarUq+TLtZG0aPae8iywf7fHGtGT6KGhPHBL
swyGvR/V2+kFOPaG+1c2C7+2t2wE1DrNvz7rWnX6uMG84R0x89MqqJzcH5ZwM10=
=mkFF
-----END PGP SIGNATURE-----


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9c8fc231-742b-b7cb-ac48-e4afd9f0129e%40jhuapl.edu.
For more options, visit https://groups.google.com/d/optout.

Reply via email to