[openstack-dev] [OSSN 0059] Trusted VM can be powered on untrusted hosts

Nathan Kinder nkinder at redhat.com
Mon Nov 16 21:34:57 UTC 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Trusted VM can be powered on untrusted hosts
- ---

### Summary ###
A trusted VM that has been launched earlier on a trusted host can
still be powered on from the same host even after the trusted host is
compromised.

### Affected Services / Software ###
Nova, Trusted Computing Pools

### Discussion ###
Trusted Computing Pools aim to ensure the trustworthiness of the hosts
leveraging hardware-based security features. When an instance is
scheduled, the scheduler finds a trusted host by calling the remote
Attestation API for each host to check whether it is trusted or not.
Then, the scheduler calls the corresponding compute node to launch
the VM. Once the VM is launched, the scheduler is no longer involved
unless a migration, a resize or an evacuation is asked for that VM.

Malicious users can bypass the trust check by the Attestation API using
these steps: 1) Launch a trusted VM on a trusted host; 2) Stop the
VM on the trusted host; 3) Compromise the host; 4) Power on the VM from
the compromised host. There is no check by the Attestation API for
powering on the VM in this case.

### Recommended Actions ###
We recommend investigating further if the trust check by Attestation
API fails but the VM still boots. Another approach is to combine
secure boot with trusted boot. At the same time, Nova team has
discussed deprecating Trusted Filter.

### Contacts / References ###
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0059
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1456228
OpenStack Security ML : openstack-security at lists.openstack.org
OpenStack Security Group : https://launchpad.net/~openstack-ossg
Nova Team Email Proposing Deprecation:
http://lists.openstack.org/pipermail/openstack-dev/2015-June/067766.html
CR Demoting TrustedFilter to "experimental":
https://review.openstack.org/#/c/194592
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWSkwBAAoJEJa+6E7Ri+EVu3YH/00Q2zKoTBh1DydSs9HNREJk
NCaQ+T7Imiwwb4AQzSVcyyQsr46RlQNL2d5J0/dS1+Xdv1i/agpPYhaM1tlHQETE
dM70JjJrBOnRlbMSLY2dleIQRdSatBAHD1XXyJGWU906GmUbY1WAmdMqFV5Xbg5A
GsIFmIQJJiH+ZsT0ByU1FeAgeIfAlPM75cy2estDSnsxuv4V36vrKCgAJ4jfHsfY
ZWl5v0S6FcEuygiwqDNSUmrR2iYiZGdyM20CATRSME/LH1JTWP+wNxLqJrcG2vIL
ztJOBduMAm/qdekeAu3aqFpWDq7n8fVlI2ma6XqE3Ygrb5dDbF6KYuCAwBafmSU=
=ZUVf
-----END PGP SIGNATURE-----

More information about the OpenStack-dev mailing list