TreVisor - Cryptography & Security Department
TreVisor - Cryptography & Security Department
TreVisor - Cryptography & Security Department
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Key Storage Registers<br />
● Usually, debug registers (dr0 - dr7) can be accessed with<br />
ring 0 privileges from guest OS<br />
● Now we need exclusive access from ring -1 (VMM)<br />
● We must protect the debug registers from guest OS:<br />
● Throw VMEXIT exception when the guest tries to access<br />
debug registers (virtualization control: "MOV-DR exiting")<br />
● Exception handler: ignore instruction (increment IP), don't<br />
throw exception to guest, mirror guest debug regs in RAM<br />
� Changes privilege level of debug regs from ring 0 to -1<br />
June 26 - 29, 2012 · ACNS '12 Singapore · <strong>TreVisor</strong> · Tilo Müller, Benjamin Taubmann, and Felix C. Freiling