
Security Overview of the Integrity Virtual Machines Architecture

Introduction (page 2)
Integrity Virtual Machines Architecture (page 2)
    Virtual Machine Host System (page 2)
        Virtual Machine Control (page 2)
        Scheduling Access to Physical Resources (page 3)
    Virtual Machines (page 3)
    Virtual Machine Monitor (page 3)
    Virtual Ethernet Switches (page 4)
Processor Virtualization (page 4)
Memory Virtualization (page 4)
Storage Virtualization (page 5)
Virtual Networking (page 5)
    Virtual Ethernet Switches (page 5)
    Virtual Network Interface Cards (page 6)
Virtual Machine Management (page 7)
    Command Line Interface (page 7)
    Graphical User Interface (page 8)
    Customizable Roles for Access and Management (page 8)
General Security for the VM Host System (page 8)
Conclusion (page 9)
For more information (page 9)

Introduction
HP Integrity Virtual Machines (Integrity VM) is a soft partitioning and virtualization technology within HP's Virtual Server Environment, which enables you to create multiple virtual servers within a single HP Integrity server, hard partition, or blade. A single HP Integrity system running Integrity VM can support multiple virtual machines, each with its own separate guest operating system. As a result, each virtual machine (VM) can host its own applications in an isolated environment. Integrity VM shares the physical resources of the Integrity server amongst all of the virtual machines it hosts. You can define virtual machines as single-CPU or SMP servers, with the flexibility to host many virtual CPUs on a single physical processor. The same is true for I/O: a single I/O card can be shared by multiple virtual machines. HP enables both flexibility and scalability with its Integrity VM technology. You can create virtual servers with multiple virtual CPUs and I/O devices, each running a separate operating system instance with different OS versions, applications, and users. The result is a virtual machine technology that provides increased hardware utilization and flexibility in server provisioning with isolation, improved system availability, and higher capacity. Integrity VM development is performed using strict security guidelines, and each product release undergoes a formal security review in the design phase.

Integrity Virtual Machines Architecture


There are effectively multiple layers of technology in the Integrity VM architecture: the physical computer system and its operating system (the VM Host) supporting the virtual machine environment, the Virtual Machine Monitor (VMM), and finally the virtual environment, which contains virtual Ethernet switches and virtual machines.

Virtual Machine Host System


The VM Host is responsible for managing and allocating physical resources to virtual machines. It also enforces isolation of virtual machines while providing communication capabilities for virtual I/O adapters and Ethernet switches. The VM Host's operating system is HP-UX 11i v2, which has an EAL4+ assurance rating. HP-UX 11i v2 has been successfully evaluated against the requirements for the EAL4 Common Criteria (ISO 15408) Assurance Level, augmented by ALC_FLR.3 (flaw remediation), using the Controlled Access (CAPP) and Role-Based Access Control (RBAC) Protection Profiles.

Virtual Machine Control

Each virtual machine is managed analogously to a UNIX process. After a VM's threads finish execution of their time slice on a given physical processor, they are context-switched out with their state and register contents saved. Before another process or VM begins execution, its own context, including its register contents, is restored. In doing so, the VM Host's operating system removes the register contents and state of the previously executing thread from that processor.

Scheduling Access to Physical Resources

One of the critical functions of the VM Host is managing VM access to physical resources, processor resources in particular. Each virtual machine has a guaranteed resource entitlement associated with it. Leveraging the fair-share scheduler (FSS) functionality inherent in the HP-UX operating system, the VM Host system enforces processor resource allocation to virtual machines. The Integrity VM scheduler accomplishes this by assigning each VM to a unique FSS allocation group. These FSS groups are analogous to those found in HP Process Resource Manager. This functionality guarantees allocation of physical processor resources sufficient to meet the demand of a virtual machine until that allocation reaches the virtual machine's entitlement. Once a virtual machine receives its entitled share of resources, it will not receive any additional resources until all other virtual machines have had their resource demands met in the same manner. The VM Host system enforces this allocation behavior regardless of the resource demand of other virtual machines hosted on that VM Host system. Integrity VM uses processor resources to emulate the virtual I/O adapters configured for a virtual machine. As these virtual adapters are part of the virtual machine, their use is also subject to that virtual machine's guaranteed processor entitlement. The FSS functionality is also applied to other entities running on the VM Host system, including virtual Ethernet switches, management tools, and agents such as those used by HP's Global Workload Manager and Glance. The VM Host identifies any entity that is not part of the Integrity Virtual Machine environment and places it in an FSS group that collectively has a minimal guaranteed entitlement. This provides the minimal amount of processing resources necessary for management tools while protecting virtual machines from entities that may deliberately or inadvertently attempt to affect resource allocation to those virtual machines.
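The two-phase allocation rule described above (every group is served up to its entitlement first, surplus only afterwards) is easy to get wrong in a home-grown scheduler, so here is a small model of it. This is an added illustration, not Integrity VM or HP-UX FSS code; the names Group and allocate are this example's own, and sharing the surplus in proportion to entitlement is an assumption made here for concreteness, since the text does not say how the surplus is divided.

```python
"""Fair-share entitlement allocation in the spirit of the text above.

Added illustration, not Integrity VM or HP-UX FSS code.  The two-phase rule
(entitlement first, surplus only afterwards) comes from the text; dividing the
surplus in proportion to entitlement is an assumption made here.
"""
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Group:
    """One FSS allocation group: a VM, or the catch-all group for non-VM entities."""
    name: str
    entitlement: float  # guaranteed share of the host's CPU, in percent
    demand: float       # CPU the group would consume if left unconstrained


def allocate(groups: List[Group], capacity: float = 100.0) -> Dict[str, float]:
    """Return the CPU share granted to each group.

    Phase 1: every group receives min(demand, entitlement) no matter what the
    others demand, so a runaway group cannot push a VM below its guarantee.
    Phase 2: whatever is left is shared among groups whose demand is still
    unmet, in proportion to their entitlement (assumption), never exceeding
    a group's demand; capped groups free up their share for the rest.
    """
    if any(g.entitlement <= 0 for g in groups):
        raise ValueError("every group needs a positive entitlement")
    if sum(g.entitlement for g in groups) > capacity:
        raise ValueError("entitlements exceed host capacity")

    granted = {g.name: min(g.demand, g.entitlement) for g in groups}
    remaining = capacity - sum(granted.values())

    while remaining > 1e-9:
        unmet = [g for g in groups if g.demand - granted[g.name] > 1e-9]
        if not unmet:
            break  # everyone is satisfied; leftover CPU simply stays idle
        weight = sum(g.entitlement for g in unmet)
        pool = remaining
        for g in unmet:
            share = pool * g.entitlement / weight
            extra = min(share, g.demand - granted[g.name])
            granted[g.name] += extra
            remaining -= extra
    return granted


def demo() -> Dict[str, float]:
    # Constructed workload: vmA wants the whole machine, the others are modest.
    host = [
        Group("vmA", entitlement=30, demand=100),
        Group("vmB", entitlement=50, demand=20),
        Group("vmC", entitlement=10, demand=12),
        Group("other", entitlement=10, demand=10),  # agents, vswitches, management tools
    ]
    return allocate(host)


if __name__ == "__main__":
    for name, cpu in demo().items():
        print(f"{name:6s} {cpu:5.1f}%")
```

In the constructed run, vmB and "other" get exactly what they asked for, vmC is topped up to its full demand from the surplus, and vmA ends up with the rest; raising vmA's demand to any larger value changes nothing for the others, which is the property the text describes.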

Virtual Machines
Integrity Virtual Machines presents a virtualization of an Integrity-based computer system by virtualizing computer system components such as processors, memory, storage, and network interfaces. Such a virtual machine is accessed through the Intel Extensible Firmware Interface (EFI) providing functionality analogous to that of a physical server. Operating systems are installed on the virtual machine using its firmware interface in the same way as they are with physical HP Integrity servers.

Virtual Machine Monitor


Each virtual machine has a virtual machine monitor (VMM). The VMM provides memory management, device emulation, binary translation, and low-level fault handling functionality to the virtual machine. Integrity systems feature processors with four privilege levels, or rings. Ring zero is the most privileged and ring three is the least. Only code executing in ring zero can perform privileged operations. Integrity VM's virtual machine monitor assists in limiting the time a virtual machine executes in ring zero by trapping interrupts whenever code running in the virtual machine executes a privileged operation. In most cases, the VMM uses the binary translator to create a sequence of instructions that performs the same task as the privileged instruction, but does so without any privileged operations. In doing so, the VMM prevents the virtual machine from executing in a higher processor ring. The virtual machine monitor's management of memory and emulation of virtual devices prevents the virtual machine from reading or executing translated code, as well as preventing access to the virtual devices belonging to other virtual machines. The VMM also services those interrupts that must be delivered to the physical VM Host system using its low-level fault handlers, e.g., to service memory-access faults or complete an I/O transaction to physical storage.

Virtual Ethernet Switches


Integrity VM virtualizes two major entities: computer systems (machines) and Ethernet network switches. These virtual switches may be connected to virtual Network Interface Cards (NICs) on a virtual machine and to logical network ports on the physical VM Host system. VLANs allow a physical LAN to be segmented into multiple broadcast domains so that machines in different VLANs may not communicate with each other. Integrity VM provides support for IEEE 802.1q VLAN functionality by enabling the configuration of ports on virtual switches to be isolated to a given VLAN. The virtual switch tags all frames sent by the virtual machine through that port. Conversely, only those inbound frames tagged for that VLAN are forwarded through that port to the virtual machine, with the virtual switch removing the tags from those inbound frames.

Processor Virtualization
Virtual machines can have one or more virtual processors. These virtual processors are effectively single-core and single-threaded. Each virtual processor or virtual CPU (vCPU) is manifested as a single thread executing on the VM Host system. Integrity VM forces these threads to execute on separate physical processor cores while allowing them to begin execution at the same time. As a result, virtual SMPs are protected from processing sluggishness caused by non-synchronous execution of their virtual CPUs. At the same time, these virtual SMPs enjoy the benefits of the fair-share scheduling functionality, precluding denial of service attacks. Hyperthreading allows threads to share memory and state on a single processor and, as a result, may provide opportunities for other software or virtual machines to monitor the execution and state of another virtual machine. Integrity VM disables hyperthreading in the VM Host as well as inside the virtual machines themselves, eliminating the potential for such security breaches.

Memory Virtualization
When a virtual machine is started, the virtual machine monitor allocates memory on the VM Host system and presents that memory to the virtual machine as if it were private, physical memory. Each virtual machine is provided with a virtualized physical address space called guest-physical memory. The guest operating system manages this guest-physical memory in exactly the same way the operating system manages physical memory on a physical computer system. The VMM manages the mapping of guest-physical memory to real physical memory on the VM Host system. Any interaction of the guest operating system with its memory management entities, such as page tables and translation look-aside buffers, is intercepted by the VMM, which controls access to the physical memory management structures. If the guest operating system or its applications attempt to access memory other than what has been allocated by the VMM, then Integrity VM delivers a fault to the guest operating system, preventing such behavior, sometimes referred to as hyperspacing. Integrity VM fills memory allocated initially to a virtual machine with zeros. Whenever a virtual machine uses dynamic memory control to acquire guest-physical memory, that memory is also zero-filled before the VMM allows the virtual machine access. Hence, at any given point in time, a virtual machine has exclusive access to its memory, and the contents of that memory cannot contain data from any other virtual machine or process.
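The two guarantees in this section, that a guest can only reach the pages its VMM mapped for it and that pages are zero-filled on allocation so nothing leaks between tenants, can be shown with a toy VMM memory model. The code below is an added illustration and not Integrity VM code; HostMemory, VMM and GuestFault are names invented here, and the page size and the reuse order of freed host pages are assumptions chosen to make the reuse visible.

```python
"""Toy VMM memory model for the guest-physical -> host-physical mapping
described above.  Added illustration only; class and method names are this
example's, not Integrity VM's."""
from typing import Dict, List

PAGE = 4096  # assumed page size for the model


class GuestFault(Exception):
    """Raised when a guest touches guest-physical memory it was never given (hyperspacing)."""


class HostMemory:
    """The VM Host's physical pages, handed out to VMMs and reclaimed later."""

    def __init__(self, pages: int):
        self.pages: List[bytearray] = [bytearray(PAGE) for _ in range(pages)]
        self.free: List[int] = list(range(pages))

    def take(self, count: int) -> List[int]:
        if count > len(self.free):
            raise MemoryError("host memory exhausted")
        got, self.free = self.free[:count], self.free[count:]
        return got

    def give_back(self, hpns: List[int]) -> None:
        # Returned pages are reused first and are deliberately NOT scrubbed here:
        # the model relies on zero-fill at allocation time, as the text describes.
        self.free = list(hpns) + self.free


class VMM:
    """Per-VM monitor: owns the guest-physical -> host-physical map."""

    def __init__(self, host: HostMemory, pages: int):
        self.host = host
        self.map: Dict[int, int] = {}  # guest page number -> host page number
        self.grow(pages)

    def grow(self, pages: int) -> None:
        """Dynamic memory control: add guest-physical pages, zero-filled before the guest sees them."""
        base = len(self.map)
        for i, hpn in enumerate(self.host.take(pages)):
            self.host.pages[hpn][:] = bytes(PAGE)  # scrub whatever the previous owner left
            self.map[base + i] = hpn

    def _host_page(self, gpa: int) -> bytearray:
        gpn = gpa // PAGE
        if gpn not in self.map:
            raise GuestFault(f"guest-physical 0x{gpa:x} is outside this VM's allocation")
        return self.host.pages[self.map[gpn]]

    def write(self, gpa: int, data: bytes) -> None:
        page, off = self._host_page(gpa), gpa % PAGE
        if off + len(data) > PAGE:
            raise GuestFault("access crosses a page boundary (not modelled)")
        page[off:off + len(data)] = data

    def read(self, gpa: int, n: int) -> bytes:
        page, off = self._host_page(gpa), gpa % PAGE
        return bytes(page[off:off + n])

    def shutdown(self) -> None:
        self.host.give_back(list(self.map.values()))
        self.map.clear()


def demo() -> Dict[str, object]:
    host = HostMemory(pages=8)
    vm1 = VMM(host, pages=2)
    vm1.write(0x1000, b"secret-key-material")  # constructed sensitive data in vm1's second page
    vm1.shutdown()                              # pages go back to the host pool, still holding it
    vm2 = VMM(host, pages=4)                    # gets the same host pages back first
    leaked = any(b"secret" in bytes(host.pages[h]) for h in vm2.map.values())
    try:
        vm2.read(4 * PAGE, 1)                   # first byte beyond vm2's four pages
        hyperspace_blocked = False
    except GuestFault:
        hyperspace_blocked = True
    return {"leaked": leaked, "vm2_sees": vm2.read(0x1000, 19), "hyperspace_blocked": hyperspace_blocked}


if __name__ == "__main__":
    print(demo())
```

Removing the scrub line in grow() is the quickest way to see why zero-fill on allocation matters: the "leaked" flag flips to True because vm2 inherits vm1's bytes through the reused host page.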

Storage Virtualization
Integrity VM virtualizes the memory-mapped I/O architecture of the Itanium processor family. It intercepts loads and stores to memory addresses that would represent physical devices in a real computer, and emulates the behavior of the corresponding devices. To allow guest operating systems to control I/O devices with complete isolation and flexibility and without adding virtualization-aware drivers, Integrity VM provides register-level emulation of I/O devices. Register-level emulation is accomplished by emulating the semantics of a device such that the existing device drivers in an operating system can communicate with the virtual device. The VMM contains device emulators that intercept memory accesses and take appropriate action. In most cases, these emulators format an I/O request message that is then sent on to the VM Host operating system. The VM Host operating system then sends the I/O request to its own device driver stack, where it ultimately accesses the physical device. Upon completion of the I/O request, the real hardware delivers an external interrupt serviced by the VM Host, which causes the VMM to trigger the delivery of a virtual interrupt in the guest operating system. This interrupt signals to the guest operating system that its I/O transaction has completed. When the VMM intercepts I/O requests from the virtual machine, it validates I/O space addresses and ports, as well as data address ranges, so that, for example, attempts to write to invalid media are prevented. Similarly, the VMM intercepts invalid instruction sequences and delivers the resulting faults to the guest operating system. Integrity Virtual Machines also provides accelerated virtual I/O (AVIO) devices that deliver higher performance while still providing connectivity to logical storage and virtual switches. This functionality requires AVIO modules on both the VM Host system and the guest operating systems. The VM Host's AVIO module performs all address validation and translation of I/O requests before forwarding them on to the physical I/O device. This ensures that virtual machines are not able to accidentally or maliciously corrupt memory on other virtual machines or the VM Host.

Virtual Networking
With Integrity VM, the virtual networking functionality is manifested as a combination of virtual network interface adapters on virtual machines, virtual Ethernet switches, the network stack on the VM Host system and, optionally, network ports on the VM Host.

Virtual Ethernet Switches


The virtual Ethernet switch dispatches network traffic among the various virtual machines on a system. It consists of an HP-UX kernel module that connects to the HP-UX network stack on the VM Host, and a user-space application that invokes that driver. The virtual switch (vswitch) has ports that can be connected to virtual network adapters, analogous to the ports on a physical network switch and physical servers. The virtual switch may or may not be connected to a logical port on the VM Host system. If the virtual switch is not connected to such a port, then communication through that vswitch is limited to virtual adapters located on that physical VM Host system. Moreover, such a configuration also prevents communication with the VM Host system itself. Configuring a vswitch so that it is connected to a logical network port on the VM Host system results in that vswitch being connected to the same network as the logical port. Note that the logical port itself need not have an IP address configured, which helps secure the vswitch and any virtual machines connected to it.

Virtual Network Interface Cards


Virtual machine communication with other systems is only possible through virtual network interface cards connected to a vswitch. All network communication to and from the VM passes through the virtual network interface card (vNIC) on its way to the vswitch. Integrity VM virtualizes multiple kinds of network interface device, each implemented with a device emulator and a protocol driver in the VMM. All network traffic through a vNIC must pass through these two entities. The protocol driver examines the source MAC address and IP address of each packet coming from the virtual machine. If these addresses do not match those of the virtual machine, then the packet goes no further. In doing so, the VMM prevents a given virtual machine from posing as another virtual machine or as the physical VM Host system. As mentioned previously, Integrity VM provides AVIO network adapters for higher performance needs. The AVIO network modules on the virtual machine ensure that a guest cannot set a MAC address other than the one it has been defined with, preventing attempts by that virtual machine to pose as another virtual machine or the VM Host system. These AVIO network adapters may be connected to virtual switches along with other virtual network adapters. Due to the security functionality built into VLAN technology, multiple VLANs may be used on the same virtual switch, as mentioned previously. To better isolate guests from other guests that are not in the same trust domain, it is good practice to isolate virtual switches to a single trust domain. Only guests that share the domain should have virtual NICs connected to the same virtual switch. To further isolate the virtual network from the VM Host system, define virtual switches to use logical ports on the VM Host that do not have an IP address configured. A graphical example of such a configuration is illustrated in Figure 1.
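The VLAN tagging behaviour from the earlier Virtual Ethernet Switches section and the protocol driver's source-address check from this section are two halves of one data path, so the following model covers both: a frame leaving a VM passes the vNIC check, is tagged with the port's VLAN, reaches only same-VLAN ports (untagged) and the VM Host logical port (tagged), while an inbound tagged frame reaches only the ports in its VLAN. This is an added illustration, not Integrity VM code; Frame, VNic and VSwitch are names invented here, and the MAC and IP addresses are constructed.

```python
"""Toy model of the virtual network path described above: the vNIC protocol
driver's source-address check and the VLAN-isolated ports of a virtual switch.
Added illustration only; Frame, VNic and VSwitch are this example's names,
not Integrity VM components or APIs."""
from dataclasses import dataclass, replace
from typing import Dict, List, Optional

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    payload: bytes
    vlan: Optional[int] = None   # 802.1Q tag; None means untagged


class VNic:
    """Virtual NIC plus the VMM protocol driver that sits behind it."""

    def __init__(self, mac: str, ip: str):
        self.mac, self.ip = mac, ip
        self.received: List[Frame] = []
        self.dropped: List[Frame] = []

    def egress_allowed(self, frame: Frame) -> bool:
        # Source MAC and IP must be the ones this VM was defined with;
        # otherwise the packet goes no further.
        if frame.src_mac == self.mac and frame.src_ip == self.ip:
            return True
        self.dropped.append(frame)
        return False


class VSwitch:
    """Virtual switch whose ports are each isolated to one VLAN."""

    def __init__(self, host_port: bool):
        self.host_port = host_port          # connected to a logical port on the VM Host?
        self.ports: Dict[str, VNic] = {}
        self.vlan_of: Dict[str, int] = {}
        self.to_host: List[Frame] = []      # tagged frames handed to the VM Host network stack

    def attach(self, port_id: str, nic: VNic, vlan: int) -> None:
        self.ports[port_id] = nic
        self.vlan_of[port_id] = vlan

    def _forward(self, tagged: Frame, skip: Optional[str]) -> None:
        for pid, nic in self.ports.items():
            if pid == skip or self.vlan_of[pid] != tagged.vlan:
                continue                    # other VLAN: never delivered
            if tagged.dst_mac in (nic.mac, BROADCAST):
                nic.received.append(replace(tagged, vlan=None))  # tag stripped for the VM

    def send_from_vm(self, port_id: str, frame: Frame) -> bool:
        """VM -> vNIC -> switch port: check the source, tag with the port's VLAN, forward."""
        if not self.ports[port_id].egress_allowed(frame):
            return False
        tagged = replace(frame, vlan=self.vlan_of[port_id])
        self._forward(tagged, skip=port_id)
        if self.host_port:
            self.to_host.append(tagged)     # leaves towards the physical network still tagged
        return True

    def receive_from_host(self, frame: Frame) -> bool:
        """Inbound from the VM Host logical port: only tagged frames are forwarded, only to their VLAN."""
        if not self.host_port or frame.vlan is None:
            return False
        self._forward(frame, skip=None)
        return True


def demo() -> Dict[str, object]:
    sw = VSwitch(host_port=True)
    web1 = VNic("02:00:00:00:00:01", "10.0.10.11")   # constructed addresses
    web2 = VNic("02:00:00:00:00:02", "10.0.10.12")
    db = VNic("02:00:00:00:00:03", "10.0.20.21")
    sw.attach("p1", web1, vlan=10)
    sw.attach("p2", web2, vlan=10)
    sw.attach("p3", db, vlan=20)
    # 1. legitimate broadcast from web1: reaches web2 (same VLAN), not db; goes to the host tagged
    ok = sw.send_from_vm("p1", Frame(web1.mac, BROADCAST, web1.ip, b"arp-who-has"))
    # 2. web1 claims db's addresses: stopped by the protocol driver before reaching the switch
    spoof = sw.send_from_vm("p1", Frame(db.mac, BROADCAST, db.ip, b"arp-reply"))
    # 3. inbound frame from the physical network tagged VLAN 20: only db sees it, untagged
    sw.receive_from_host(Frame("02:00:00:00:00:99", db.mac, "10.0.20.1", b"hello", vlan=20))
    return {
        "ok": ok, "spoof": spoof,
        "web2_got": len(web2.received), "db_got": len(db.received), "web1_got": len(web1.received),
        "db_tag_stripped": db.received[0].vlan is None,
        "host_tag": sw.to_host[0].vlan, "dropped": len(web1.dropped),
    }


if __name__ == "__main__":
    print(demo())
```

A switch built with host_port=False models the text's isolated case: nothing it carries can reach the VM Host network stack, and receive_from_host() refuses every frame.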

Figure 1 - Isolating virtual machines to separate network trust domains

Virtual Machine Management


Integrity Virtual Machines enables configuration and monitoring through a full-featured command line interface (CLI). Additionally, the Virtual Server Environment suite of tools provides a browser-based graphical user interface (GUI) to Integrity VM. The CLI is available to privileged users on the physical VM Host system. Virtual machine management, monitoring, and console access are provided through the CLI.

Command Line Interface


The Integrity VM CLI provides for management of virtual machines residing on a given physical system through secure login to that system. Network connectivity to a third-party system (e.g., a management system) is not required to use the CLI. All options and option parameters are validated for appropriate length and character set before actual execution of the task. Pathnames are also validated for existence as well as appropriate device type corresponding to any paths provided. Integrity VM logs all command-line execution along with success or failure diagnostics, user name, and time of execution.
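The validation and logging discipline described for the CLI (length and character-set checks on every option, existence and device-type checks on every pathname, a log line per execution with user, outcome and time) is worth seeing as code. The block below is an added illustration, not the Integrity VM CLI or its libraries; add_disk is a hypothetical command modelled on the description, and the 64-character limit, the allowed character set and the mapping of "disk" to block devices or regular files are assumptions.

```python
"""Argument validation and audit logging in the spirit of the CLI description.
Added illustration; add_disk is a hypothetical command, and the limits and
character set are assumptions, not Integrity VM's actual rules."""
import getpass
import os
import re
import stat
import tempfile
import time
from typing import Callable, Dict, List

# Character set and length enforced in one anchored pattern (assumed rules).
VM_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")

# What each kind of path argument is allowed to resolve to (assumed mapping).
_KIND_OK: Dict[str, Callable[[int], bool]] = {
    "disk": lambda m: stat.S_ISBLK(m) or stat.S_ISREG(m),  # block device or disk-image file
    "char": stat.S_ISCHR,
    "dir": stat.S_ISDIR,
}


class ValidationError(ValueError):
    pass


def validate_vm_name(name: str) -> str:
    if not VM_NAME_RE.match(name):
        raise ValidationError(f"bad VM name {name!r}: 1-64 chars of [A-Za-z0-9._-], not starting with . or -")
    return name


def validate_path(path: str, kind: str) -> str:
    """Reject paths that do not exist or are not the expected kind of object.
    os.stat follows symlinks, so a link pointing at the wrong type is rejected too."""
    if kind not in _KIND_OK:
        raise ValidationError(f"unknown device kind {kind!r}")
    try:
        mode = os.stat(path).st_mode
    except OSError as e:
        raise ValidationError(f"{path}: {e.strerror}") from None
    if not _KIND_OK[kind](mode):
        raise ValidationError(f"{path} is not a {kind}")
    return path


def _current_user() -> str:
    try:
        return getpass.getuser()
    except Exception:  # no passwd entry in a minimal container
        return "uid-unknown"


def add_disk(vm_name: str, path: str, log: List[dict]) -> bool:
    """Hypothetical 'attach storage' command: validate every argument, then log the outcome."""
    entry = {"user": _current_user(), "time": time.strftime("%Y-%m-%dT%H:%M:%S"),
             "cmd": "add_disk", "args": [vm_name, path]}
    try:
        validate_vm_name(vm_name)
        validate_path(path, "disk")
        entry.update(ok=True, msg=f"{path} attached to {vm_name}")   # real work would happen here
    except ValidationError as e:
        entry.update(ok=False, msg=str(e))
    log.append(entry)        # success and failure are both recorded
    return entry["ok"]


def demo() -> Dict[str, object]:
    log: List[dict] = []
    with tempfile.NamedTemporaryFile(suffix=".img") as img:   # constructed stand-in for a disk image
        results: Dict[str, object] = {
            "good": add_disk("web01", img.name, log),
            "bad_name": add_disk("web01; rm -rf /", img.name, log),
            "missing": add_disk("web01", img.name + ".nope", log),
            "wrong_type": add_disk("web01", os.path.dirname(img.name), log),
        }
    results["log_entries"] = len(log)
    results["failures_logged"] = sum(1 for e in log if not e["ok"])
    return results


if __name__ == "__main__":
    print(demo())
```

The point of the last two rejections is the device-type check: a path that exists but resolves to a directory (or any other wrong object) is refused before the command touches it, and the refusal is logged with the user and time like any other execution.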

Graphical User Interface


Virtual machine management with Integrity Virtual Machines may be achieved through the Integrity Virtual Machine Manager GUI. The GUI relies on Web Based Enterprise Management (WBEM) providers. These providers establish communication between the browser and the VM Host system with privileged login and the session is SSL-encrypted. These WBEM providers check all data request types and buffer ranges; all validated requests are for read-only data. Request types, options, and parameters are checked and validated before being passed on to the Integrity VM programmer interface libraries on the VM Host system.

Customizable Roles for Access and Management


Integrity VM provides secure access to virtual machine consoles. When you create the virtual machine, you can specify groups and user accounts that will have administration or operator privileges on that virtual machine. These users are allowed to log in to the VM Host under their own user accounts and to use the hpvmconsole command to perform system administration tasks on the virtual machine. A captive virtual console account is a special-purpose user account that may be created on the VM Host for each virtual machine administrator or operator. These types of user accounts have the console access command line interface as their login shell, and the desired virtual machine's per-virtual-machine directory as their home directory. For virtual console access, the account also requires a password and access to its associated guest. The net result is that a virtual machine's console may be accessed by a user without their having access to the VM Host itself. These types of console users are specified as either admin (guest administrators) or oper (virtual machine operators). Virtual machine operators can access the virtual machine console, shut down and reboot the virtual machine, display system status, transfer control to another virtual machine operator or administrator, and set system identification.

General Security for the VM Host System


Depending on the environment, limiting access to the VM Host may be a good idea. The potential impact of an interruption of service on the VM Host is comparable, for its virtual machines, to a lab-wide service interruption. As such, HP recommends considering the use of bastille(1M) to help limit unintended access to VM Hosts. For many environments, the pre-defined configuration known as "Managed DMZ" is appropriate. Note, however, that this depends on local configuration needs and security policies. Even when those settings are not precisely what is required, they can be a good starting point. To run bastille with the Managed DMZ settings initially selected, first copy that configuration policy to the default location:

    # cp /etc/opt/sec_mgmt/bastille/configs/defaults/MANDMZ.config \
         /etc/opt/sec_mgmt/bastille/config

Then make changes to that configuration file as appropriate before running bastille:

    # bastille

Be sure to read the information in the bastille(1M) manual and any security considerations for management software to be run on the VM Host before applying any bastille configuration.

Conclusion
By leveraging its long history of providing secure hardware and software products, HP provides an extremely secure environment for virtualization of computer resources with Integrity Virtual Machines. Integrity VM reduces risk from threats while simplifying access control in a virtual environment, providing you with the confidence you need to securely execute your most business-critical applications while getting the most out of your computer system hardware investment.

For more information


www.hp.com/go/integrityvm
www.hp.com/go/security
Virtual Machine Security Guidelines, a white paper available from The Center for Internet Security at http://www.cisecurity.org/bench_vm.html

© 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Itanium is a trademark or registered trademark of Intel Corporation or its subsidiaries in the United States and other countries. V1.0, October 2007
