cvf client virtualizaon frameworkcvf system overview vm mgmt inter vm communicaon resource mgmt ui...
TRANSCRIPT
CVF Client Virtualiza.on Framework
Ze’ev Maor
February 2009
2
What is it?
a SoAware plaCorm designed for development, distribu.on and execu.on of
virtualiza.on based solu.ons
In a nutshell
Hypervisor
3
Virtualiza.on Framework
Developer in VM (DomU)
Hardware
We are here
4
Mo.va.on
• Endpoint virtualiza.on is here to stay • Unified plaCorm
• New paradigm requires new framework
• SoAware vendor doesn’t have to be virtualiza.on vendor
5
Design principles
• Generic – hypervisor agnos.c • Robust – VM can only crash itself
• Security/isola.on – from full sharing to full isola.on
• Modular – supports 3rd party plug‐ins
6
CVF system overview
VM mgmt Inter VM
communica.on Resource mgmt
UI services
Hypervisor
VM API
Device manager
Disk layout Networking
mgmt
End‐user interface machine – UIM (e.g. Windows as HVM)
CVF calls/data channel Secured inter VM communica.on
Use case demo
Isolated An. Virus
7
The challenge:
Conven.onal An.virus • Runs as a process inside Windows
• Can’t be completely isolated from other processes in Windows
• Vulnerable to viruses and malware infec.on • Vulnerable to updates DOS adacks
8
The solu.on:
9
CVF powered An.virus • Runs on a separated VM side‐by‐side with Windows
• Completely isolated from Windows
• Completely immune to any viruses infec.ng Windows
• Has dedicated networking for updates
Developer APIs
3/1/09 10
11
APIs ‐ VM management
• VM crea.on
• VM deployment (VHD, VMDK, OVF)
• Signature verifica.on • VM start/stop/pause/resume
• Query VM status
• VM state triggers (date/.me, network, key sequence etc.)
• VM upgrades
12
VM deployment
IT “push” Internet download Distributed media installa.on
Deployment steps:
• Retrieval into either • Local dir under UIM par..on
• Dedicated CVF master par..on
• Cer.fica.on – checksum, signature verifica.on • Execute VM supplied “deployment script” (uses CVF VM mgmt API) Endpoint hard‐drive
UIM na.ve fs (NTFS) VMs deployed under C:\VMs
UIM na.ve fs (NTFS) CVF par..on
Legacy P2V installa.on
Dedicated “CVF” installa.on
13
APIs – Inter VM communica.on
• Cross VM, bi‐direc.onal messaging service
• Security features • Firewall • Arguments/payload sanita.on
• Payload signing
14
APIs – UI integra.on services
• Full screen view/switching • “Synergy View” • Desktop fusion
15
APIs ‐ Disk layout
CVF – disk layout manager
NTFS Physical par..ons
Virtual block devices/par..ons
Physical block devices
NTFS Ext2 Ext3 Fat32
APIs: • Get free space • Enumerate disks • Allocate disk space
• Set disk as persistent/vola.le • Snapshots
16
APIs – Networking services
• VM is assigned an IP by DHCP upon boot
• VM provides its’ host name as part of a VM XML configura.on file
• Control domain (Dom0) runs DHCP and DNS servers.
• Default topology is NAT. • In network PT mode – all traffic to external network routed through primary VM.
17
APIs – Device Manager
Currently suppor.ng USB devices and op.cal drives
APIs:
• Enumera.on • Assign/unassign to VM
• Query (is_device_free/connected etc.) • Connect/disconnect no.fica.ons
18
APIs – Trusted Compu.ng
Provides virtual TPM capabili.es to trusted VMs:
• Quo.ng PCR values • Signing payloads • Sealing payloads
19
VM Introspec.on
Purpose: allows an external component to inspect and control the OS running inside a VM.
Func.onality: • Enumerate processes • Inspect processes memory space • Start/kill processes • Inspect/control system calls • Protect processes memory space
CVF RPC mechanism
VM
3/1/09 20
Trust
boundary
User applica.on local call
Marshalling/unmarshalling
Transport: transmit‐>wait‐>receive
Dom0
RPC dispatcher
Marshalling/unmarshalling (sanita.on)
Transport:
Receive/transmit (firewall)
Call packet
Return packet
Conclusion
• An.‐virus demo development .me: 2 days
• About 150 lines of code overall • Developer required no knowledge of virtualiza.on technologies
