[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] building a virus-proof PC with Qemu

From: Magnus Damm
Subject: Re: [Qemu-devel] building a virus-proof PC with Qemu
Date: Wed, 24 Nov 2004 00:33:02 +0100

On Tue, 2004-11-23 at 23:41, Karl Magdsick wrote:
> > sorry, but why don't you use/recommend Trusted Solaris (SPARC and i386)
> > http://wwws.sun.com/software/solaris/trustedsolaris/   ?
> > I hardly doubt that it will be too easy for anyone to clone the security
> > mechanisms it provides.
> I agree that making the operating system role-aware seems like a much
> more tractable solution than trying to externally trace data flows. 
> An external system would have to be extremely intelligent in order to
> work out the Pi calculus from observing data and low-level CPU
> operations.

Extremely intelligent? The theory seems pretty simple to me.
Maybe we are talking about different things?

What about this: Analyze the code block that is translated from
guest-instructions to micro operations. If any of the guest-instructions
are data that is either unmodified untrusted data or data that is the
result of any operation involving untrusted data, then create a block of
illegal instructions. Or handle the violation in a smarter way.

This assumes that it is to possible mark RAM bytes as untrusted, and a
code flow analyzer keeping track if resources (registers, flags) contain
trusted or untrusted data. Maybe something like this:


/ magnus

reply via email to

[Prev in Thread] Current Thread [Next in Thread]