2007-01-21

X86 architects take the blue pill

This article talks about some new kernel support in Linux for virtualization.

Of course, virtualization is nothing new. Almost everyone knows about Nintendo emulators that allow you to play games from years past, and even emulators that allow you to run Macintosh software on Windows, and vice versa. IBM has been doing virtualization for decades to satisfy recalcitrant customers who wanted to upgrade their mainframes, but not their software.

What is new is having support for virtualization technology in the CPU itself. In 2005 and 2006, Intel and AMD both independently introduced extensions to the x86 architecture to facilitate virtualization. According to Wikipedia, these CPU extensions "allow a virtual machine hypervisor to run an unmodified guest operating system without incurring significant emulation performance penalties."

In effect, this shifts the ultimate authority for system resources from the operating system to the hypervisor. This was not lost on the creators of Blue Pill, who quickly exploited this potential to create an undetectable rootkit. The hypervisor can veto anything and everything the operating system does. It can hide resources from the operating system: make disks appear smaller or larger, for example, or hide memory. It is "more root than root."

People in the Linux or BSD world are already used to having the final say on what goes on inside their computer. After all, the source of the Linux kernel is open and freely modifiable. However, the situation is quite different on Windows and other proprietary platforms. There, your operating system looks a lot like a black box. Virtualization technology has the potential to breach the proprietary fortress. Used properly, it could actually improve security by giving system administrators more information about what is going on behind the Windows logo.

I wonder if it's possible to exploit this technology to circumvent the new DRM restrictions in Windows Vista. If so, I hope nobody exploits it until VT is well-accepted and used in the industry. It would be a shame to see a promising technology like VT crippled in the name of copy protection.

I also wonder if this could be used to create, for example, a higher performance Java virtual machine or .NET virtual machine. Currently, those virtual machines are implemented entirely in software. With this virtualization support in the CPU, could those virtual machines be made to "think" that they have a CPU to themselves? If so, a lot of consistency checks and security checks might be avoided. But here I am just speculating; I don't know if those VMs are low-level enough to make use of this technology.

On a more mundane level, I am also interested in anything that would allow me to run Windows and Linux on the same machine, without having to dual boot. I have compromised by keeping two separate computers around, one with each operating system. But this compromise uses up more floor space and power. Perhaps this technology could be useful for that, too.

(Yes, I know about Wine, but it is Not There Yet for casual use, and probably never will be, given that they are chasing a moving target. I have also used the many virtualization programs, but always found them slow.)

1 Comment:

At 3:13 PM, Blogger RareCactus said...

Hey Victor!

Haven't heard from you in a while. We should catch up sometime.

I know that VMware can already give you Linux and Windows on the same machine. The biggest impact of this new technology is going to be a huge speed increase in that kind of emulation.

It may sound like a small thing, but this speed increase may push virtualization technology out of the realm of "interesting toy" and more into the realm of everyday technology.

I'll have to give you my email info sometime.

C.

 
