
Back to the Future: A Radical Insecure Design of KVM on ARM

Conference:  BlackHat USA 2018

2018-08-08

Summary

The KVM Hypervisor in ARM systems has a security flaw that allows an attacker to gain privilege on the hypervisor from a less privileged kernel mode. The flaw has not been fixed yet.
  • The ARM architecture has four exception levels (EL0 to EL3) that determine the privilege level of running code
  • The hypervisor runs in EL2 and is more privileged than the guest OS, which runs in EL1
  • The HVC (hypervisor call) instruction is how software in EL1 requests services from the hypervisor in EL2
  • Exception handlers are reached through entries in a special table called the exception vector table
  • The VBAR (Vector Base Address Register) of each exception level points to that level's exception vector table
The speaker found the flaw early this year and reported it to the Reddit product security team with a detailed report and exploit code. After multiple email exchanges, the team understood the problem and escalated it to the KVM team. However, the flaw is still not fixed.

Abstract

In ARM there are certain instructions that generate exceptions. Such instructions are typically executed to request a service from software that runs at a higher privilege level. From the OS kernel (EL1), software can call the hypervisor (EL2) with the HVC instruction. The KVM hypervisor is part of the Linux kernel and is enabled by default on all supported ARM systems. In the ARM architecture KVM is implemented through split-mode virtualization and runs across different privileged CPU modes. This talk will discuss the design and a security issue in the way the Linux kernel initializes the KVM hypervisor. An attacker having access to host EL1 can execute code in EL2. This security issue can be exploited by an attacker to install a hypervisor rootkit on an ARM system.
