[BitVisor-users-en:47] Re: Nested Virtualization Support
krad at tuta.io
krad at tuta.io
Fri Jan 19 16:18:14 JST 2018
Thanks very much for your response.
I don't quite understand the security ramifications of setting unsafe_nested_virtualization
If I understand correctly, one of the core features that BitVisor provides, is a mitigation against DMA attacks, when configured with unsafe_nested_virtualization, would it become possible again to perform a DMA attack?
Thanks!
14. Sep 2017 17:13 by hdk at igel.co.jp:
> Hi,
>
> From: <> krad at tuta.io> >
> Subject: [BitVisor-users-en:44] Nested Virtualization Support
> Date: Mon, 11 Sep 2017 09:16:20 +0200 (CEST)
>
>> I'm wondering if there are any plans for/the status of nested virtualization on bitvisor?
>> I'm assuming if I tried to run for example vmware player or virtualbox on top of bitvisor, these systems do not run/run very slowly because they are unable to use the hardware virtual machine extensions (VT-x/AMD-V).
>
> In the latest BitVisor > https://bitbucket.org/bitvisor/bitvisor> ,
> "unsafe nested virtualization" is implemented for AMD-V. It can be
> enabled by setting config.vmm.unsafe_nested_virtualization=1. Unsafe
> means that an operating system on a hypervisor on BitVisor can access
> devices directly - no drivers in BitVisor can handle the access - if
> the hypervisor makes accesses passthrough to devices.
>
> Unsafe nested virtualization for VT-x is currently being developed.
>
> --
> Hideki EIRAKU <> hdk at igel.co.jp> >
> _______________________________________________
> BitVisor-users-en mailing list
> BitVisor-users-en at bitvisor.org
> https://www.bitvisor.org/mailman/listinfo/bitvisor-users-en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.bitvisor.org/archives/bitvisor-users-en/attachments/20180119/85d8df3f/attachment.html>
More information about the BitVisor-users-en
mailing list