Monday, April 06, 2015

Common security design issues in privileged hypervisor or in any privileged emulators

Recently I've reviewed nearly 100 Xen Security Advisories (http://xenbits.xen.org/xsa/), except some bad security coding practices for any ordinary software, I found there are some specific security issues that we need to take into considerations when designing prvilieged hypervisors or privileged emulators.


"What, How, and Why" on Interrupt Window (or NMI Window) Exiting in Virtualization Technology

More recently, one of my colleagues asked me why there is a feature called "Interrupt Window exiting" in virtualization technology, and how it can be used by VMM? This blog is going to briefly describe its "what, how and why" .