On Fri, 13 Oct 2017 11:10:05 +0200
Stefan Weil <s...@weilnetz.de> wrote:

> Hi,
> 
> the German Bundesamt für Sicherheit in der Informationstechnik
> (Federal Office for Information Security) published a study on
> the security of KVM and QEMU:
> 
> https://www.bsi.bund.de/DE/Publikationen/Studien/Sicherheitsanalyse_KVM/sicherheitsanalyse_kvm.html
> 
> (article only available in German)

Thanks for posting this!

I only looked at the conclusion for now. Some interesting points:

- They state that QEMU's source code is well structured, readable and
  maintainable. I wonder what kind of source code they usually deal
  with ;)
- Most problems noted seemed to be related to signed<->unsigned
  conversions, but none were found to be exploitable.
- They liked hardening via stack protection, NX, and ASLR, as well as
  the mechanisms used by libvirt.
- They generally seemed to be happy with QEMU being deployed via
  libvirt.
- Restrictions imposed via KVM (guest access to some CPU registers)
  scored positive points. They did not like that Hyper-V and PMU were
  not deconfigurable.
- Lack of support for encryption/signing of network-based images was
  criticized. They ended up using Ceph and GlusterFS, which they were
  reasonably happy with.

That's just from a quick browse.
