[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] x86 Community Call: Wed Oct 10, 14:00 - 15:00 UTC - Call for agenda items


This NIST document ("A Methodology for Determining Forensic Data Requirements for Detecting Hypervisor Attacks" [1]) appears to be focused on the application of LibVMI in some contexts.  It is a NIST Interagency or Internal Report (NISTIR) document with a narrower scope than other NIST publications, e.g. Special Publications (SP).  NISTIR documents are:

"... Interim or final reports on work performed by NIST for outside sponsors (both government and non-government).  May also report results of NIST projects of transitory or limited interest, including those that will be published subsequently in more comprehensive form."

If the Xen community wishes to provide feedback on this NISTIR draft, I suggest compiling a single document, including:

 - any inaccuracies + supporting references
 - vulnerability scope boundaries, including Xen hypervisor, Linux kernel affecting KVM, KVM module for Linux kernel, QEMU and hypervisor toolstack(s)
 - additional sample attack(s) and evidence coverage for forensic analysis
 - additional references on hypervisor security / vulnerability analysis
 - missing perspectives (e.g. impact of features selected via KCONFIG, disaggregation)
 - other feedback

If a single list can be compiled, each item can be numbered and Xen community viewpoints can be aggregated for possible consensus in unified feedback, or individuals could submit their feedback separately.


On Oct 9, 2018, at 14:20, Lars Kurth <lars.kurth@xxxxxxxxxx> wrote:

Hi all,
I added a NIST Security Paper to the agenda which is currently under review and is full of inaccuracies and could potentially become very problematic to the project and vendors using Xen if officially published by NIST without being corrected (it needs responses by the end of week). I will be struggling to do this alone and would like to enlist help, in particular from people with a security background. That would also be significantly more powerful than me providing the feedback.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.