Attacking Hypervisors via Firmware and Hardware
nd5ln5n
nd5ln5n
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Attacking</strong> VMM by proxying through SMI h<strong>and</strong>lerVirtual Machine(child partition)AppAppOperating SystemRoot partitionApp AttackOperating SystemVM with direct access toSMIs invokes SMIh<strong>and</strong>ler <strong>and</strong> supplies apointer to some VMMpageVMM / HypervisorMemorySMI H<strong>and</strong>lersSystem <strong>Firmware</strong><strong>Hardware</strong>CPUGraphicsSMI h<strong>and</strong>ler writes tothe supplied pointeroverwriting contents ofprotected VMM pageI/ONetwork