An Enhancement of Trusted Domain Enforcement using VMM Interruption Mechanism

Abstract

VMM (virtual machine monitor) introspection makes it possible to design dynamic protection system of virtualized guest OS. TDE (trusted domain enforcement) is an extension of TE (type enforcement) for dynamic access control and sandbox. VMM provides a strong isolation which can enhance TDE of guest domain. In this paper we propose an enhancement of trusted domain enforcement of guest domain using VMM interruption mechanism. Trusted domain enforcement of guest OS is improved by interruption and strong isolation provided by VMM. VMM based TDE is achieved by two steps. A non-write protected input for guest domain is detected, notification is sent to VMM. Then, VMM isolates the domain from other domains. Proposed system needs notification channel passing VMM and guest OS modification. We discuss the way to create the notification channel by a newly added VMM interruption. Also, the modification of guest OS is presented. We implement input validation routine by kernel patch and LSM (Linux security module) and compare CPU utilization. Proposed system enables dynamic sandboxing of virtualized OS with strong isolation by VMM interruption mechanism.