Journal: Science Intensive Technologies, No. 4, 2010
Article in issue:
Application of Intel VT-x and Intel VT-d virtualization technologies for improving security and reliability of workstation functioning
Authors:
I.V. Karpov, V.U. Egorov
Abstract:
The spread of hardware support for virtualization is accompanied by the use of the hardware virtualization mechanisms of Intel VT-x and AMD SVM processors to create malicious software (malware). Malicious code of the Hardware Virtual Machine Rootkit (HVMR) family, for example code built on the «Blue Pill» model, may lead to the compromise of private information and to information security tools losing "real" control over the objects they protect. There are also threats related to unauthorized access to system memory from physical I/O devices capable of taking over the system bus during direct memory access (Bus Master DMA). System software for information security (SSIS) built into the OS kernel has a fundamental advantage over any software running at a higher level (the application level) in controlling access to data structures in memory. If malicious code is introduced at the same level at which the SSIS operates, or at an even lower level of the system, this fundamental advantage is lost. The virtual machine (VM) mechanism makes it possible to introduce another, lowest level in the system, which creates an abstraction of the memory address space for the OS kernel. The previously existing degree of confidence in the protections built into the OS kernel is therefore lost. The architecture of a modern computer system involves two basic types of access to data located in system memory: 1. from the processor (i.e., software running on the processor); 2. from I/O devices capable of taking over the system bus during direct memory access. The purpose of this article is to find solutions for defining the overall concept of building an isolated software environment based on Intel virtualization technology in order to create a trusted computing platform.
The essence of Intel VT-x technology is the introduction of a special CPU mechanism, Virtual Machine eXtensions (VMX), designed for building software that manages virtualization, together with the definition of a set of processor instructions for this mechanism. The software that provides the functionality for virtual machines is called a Virtual Machine Monitor (VMM) or hypervisor. Control is transferred by switching the CPU between non-root mode (guest mode) and root mode (VMM). Intel VT-x controls access to private or critical areas of memory only with respect to software located inside a virtual machine. Access to system memory from physical input/output devices is controlled by Intel VT-d. Intel VT-d in effect introduces logical addressing of system memory by peripheral devices performing I/O in DMA mode, using the following key mechanisms: 1. I/O device assignment: a mechanism for flexibly assigning I/O devices to VMs and extending the protection and isolation properties of VMs to I/O operations; 2. DMA remapping: a mechanism for supporting independent address translations for direct memory accesses from devices; 3. interrupt remapping: a mechanism to support the isolation and routing of interrupts from devices and external interrupt controllers; 4. reliability: a mechanism for recording and reporting to the VMM the interrupt and DMA errors that may otherwise corrupt memory or impact VM isolation. The Intel VT-d architecture allows system software to create one or more DMA protection domains, each identifying a subset of the pages of physical memory, and to assign each I/O device to a separate domain with its own pages of physical memory, preventing access to memory outside the assigned domain. Virtualization technology is best suited to form the basis of such a trusted computing platform.
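The protection-domain behaviour described above, as a simplified C model: a device is looked up by its source ID, its DMA address is translated only through the pages of its own domain, and anything else is blocked and recorded for the VMM. This is an added example, not code from the article or its Boot VMM prototype; the structures, function names and sample values are assumptions for illustration and do not reproduce the VT-d table layout.

```c
/* Simplified model of DMA protection domains; not the VT-d table layout. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#define PAGE_SHIFT 12
#define DMA_FAULT  UINT64_MAX            /* returned when the access is blocked */
#define MAX_FAULTS 8

struct mapping { uint64_t dma_pfn, host_pfn; int writable; };
struct domain  { const struct mapping *maps; size_t n; };
struct context { uint16_t source_id; const struct domain *dom; }; /* bus<<8|dev<<3|fn */
struct fault   { uint16_t source_id; uint64_t addr; int is_write; };

static struct fault fault_log[MAX_FAULTS];   /* what the VMM would be told */
static size_t fault_count;
/* Constructed sample: one domain of two pages, assigned to device 00:19.0. */
static const struct mapping vm_pages[] = {
    { 0x10, 0x8a210, 1 },                /* read/write buffer page */
    { 0x11, 0x8a3f7, 0 },                /* read-only page */
};
static const struct domain  vm_domain  = { vm_pages, 2 };
static const struct context contexts[] = { { 0x00c8, &vm_domain } };

/* Translate a device's DMA address inside its own domain, or log a fault. */
uint64_t dma_translate(const struct context *ctx, size_t nctx,
                       uint16_t sid, uint64_t addr, int is_write)
{
    for (size_t i = 0; i < nctx; i++) {
        if (ctx[i].source_id != sid)
            continue;
        const struct domain *d = ctx[i].dom;
        for (size_t j = 0; j < d->n; j++) {
            const struct mapping *m = &d->maps[j];
            if (m->dma_pfn == (addr >> PAGE_SHIFT) && (!is_write || m->writable))
                return (m->host_pfn << PAGE_SHIFT) | (addr & 0xfff);
        }
        break;                           /* device known, page not in its domain */
    }
    if (fault_count < MAX_FAULTS)        /* unassigned devices also end up here */
        fault_log[fault_count++] = (struct fault){ sid, addr, is_write };
    return DMA_FAULT;
}

int main(void)
{
    printf("%#llx\n", (unsigned long long)dma_translate(contexts, 1, 0x00c8, 0x10abc, 1));
    printf("%#llx\n", (unsigned long long)dma_translate(contexts, 1, 0x00d0, 0x10abc, 0));
    printf("faults logged: %zu\n", fault_count);
}
```

Source ID 0x00c8 encodes bus 0, device 0x19, function 0; the second call in `main` uses a device with no domain assignment, so it is blocked and logged.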
To create an isolated and trusted computing platform, it is proposed to run the "target" OS in a controlled VM under a VMM of a special form. This VMM is a "thin" hypervisor that fully virtualizes only two shared resources, the CPU and memory, and virtualizes I/O endpoint devices only with regard to device access to system memory in DMA mode. The protected VMM must rely on Intel VT-x and Intel VT-d. The approach to creating a secure and isolated software environment considered in this paper will significantly improve the safety and reliability of the software environment, preventing the most dangerous types of attacks: 1. concealment of the fact of being located inside a virtual machine; 2. blocking the launch of a third-party hypervisor; 3. exclusion of critical sections of code and confidential data from unauthorized access both by code located inside the virtual machine and by peripherals. At this point, the authors have developed a prototype of a thin hypervisor (working name «Boot VMM») that can run an MS-DOS-type operating system inside a single virtual machine.
Pages: 46-54