Are VM Instances Isolated from One Another?

This is for discussing general topics about how to use VirtualBox.
DNS
Posts: 107
Joined: 2. May 2011, 00:16
Primary OS: MS Windows 7
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: xp win7

Are VM Instances Isolated from One Another?

Post by DNS »

Hi, I was wondering if separate instances of virtualization on the same host could manipulate each other's memory.

I already know that since the guest is completely abstracted from the host, there would be no way for the guest apps to know what is running on the host machine. The above situation however, concerns the situation where I would run a trusted vm for accessing my corporate vpn and another untrusted one simultaneously. In that case, can malware in the untrusted vm snoop on or alter any aspect of the trusted instance (ex: RAM)? Is TPM hardware the only guarantee?

Any feedback is appreciated. Thanks!
mpack
Site Moderator
Posts: 39134
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Mostly XP

Re: Are VM Instances Isolated from One Another?

Post by mpack »

The virtual machines are completely isolated, including having separate memory ranges (pedant note: yes, I'm aware of the page fusion feature). The two VMs can only communicate at all if you make them part of the same network.

You also seemed to have an unspoken assumption that you'll run the VMs at the same time: but there's no reason you have to do that. Obviously code that isn't running can't do anything at all.
DNS
Posts: 107
Joined: 2. May 2011, 00:16
Primary OS: MS Windows 7
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: xp win7

Re: Are VM Instances Isolated from One Another?

Post by DNS »

Very comprehensive info, thanks mpack.
I have a final question just for future reference, concerning page fusion if I were to use it.
As far as I can tell, only identical memory pages can be shared and on write, a different page is created for each vm in that case.

Considering a scenario that there is a keylogger in the hostile vm, can it potentially "read" the info (such as passwords) in the shared page used by the trusted vm?
I understand that the hypervisor assigns unique hashes to each memory page, but I don't know how unique the data in memory has to not be considered for sharing. I just want to be sure that I am safe in that case too while also being able to benefit from the resource consolidation page fusion has to offer.
mpack
Site Moderator
Posts: 39134
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Mostly XP

Re: Are VM Instances Isolated from One Another?

Post by mpack »

DNS wrote:Considering a scenario that there is a keylogger in the hostile vm, can it potentially "read" the info (such as passwords) in the shared page used by the trusted vm?
How would the page come to be shared? That could only happen if an identical page containing the same info was created in the untrusted VM. If the untrusted VM has the info to do that then the question of spying becomes moot.
michaln
Oracle Corporation
Posts: 2973
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Any and all

Re: Are VM Instances Isolated from One Another?

Post by michaln »

DNS wrote:I understand that the hypervisor assigns unique hashes to each memory page
What hypervisor are you talking about? Clearly not VirtualBox.
mpack
Site Moderator
Posts: 39134
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Mostly XP

Re: Are VM Instances Isolated from One Another?

Post by mpack »

michaln wrote:What hypervisor are you talking about? Clearly not VirtualBox.
? I must admit that I would have guessed the same as DNS. Either it's a hardware assisted feature (in which case who knows the details of implementation), or else the obvious way to check that two mem pages have the same content is to maintain a hash code for the page. If the hash codes match you do a full comparison.
michaln
Oracle Corporation
Posts: 2973
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Any and all

Re: Are VM Instances Isolated from One Another?

Post by michaln »

mpack wrote:
michaln wrote:What hypervisor are you talking about? Clearly not VirtualBox.
? I must admit that I would have guessed the same as DNS. Either it's a hardware assisted feature (in which case who knows the details of implementation), or else the obvious way to check that two mem pages have the same content is to maintain a hash code for the page. If the hash codes match you do a full comparison.
VirtualBox uses a less general but much simpler and faster method which relies on comparing the modules loaded in "fused" VMs.
DNS
Posts: 107
Joined: 2. May 2011, 00:16
Primary OS: MS Windows 7
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: xp win7

Re: Are VM Instances Isolated from One Another?

Post by DNS »

michaln wrote:VirtualBox uses a less general but much simpler and faster method which relies on comparing the modules loaded in "fused" VMs.
Oh ok then, I had the wrong impression that VirtualBox used the other method I described. Does the comparison of modules still use hashes then or another method?

How would the scenario play out regarding the scenario of vm privacy (described in my last post)?

Thanks
michaln
Oracle Corporation
Posts: 2973
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Any and all

Re: Are VM Instances Isolated from One Another?

Post by michaln »

The general answer is that pages don't (and can't) get shared unless they're identical. If one VM modifies a shared page, it will get unshared for that VM and the VM will get its private copy.
DNS
Posts: 107
Joined: 2. May 2011, 00:16
Primary OS: MS Windows 7
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: xp win7

Re: Are VM Instances Isolated from One Another?

Post by DNS »

So for example if both vms have the same type of browser running, does VirtualBox look at it and say "There are 2 identical apps in both vms, so I should share their memory for read access" or does it say "The apps although similar don't have the same data stored for use in their RAM page so reading denied"?
If it works as the first example then passwords cached in RAM could potentially be compromised.
michaln wrote:The general answer is that pages don't (and can't) get shared unless they're identical.
How fine is the granularity of the memory comparison? What I mean is, how 'identical' do they have to be to be considered identical?

All this is very interesting to me, so please excuse my persistence.
michaln
Oracle Corporation
Posts: 2973
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: VirtualBox+Oracle ExtPack
Guest OSses: Any and all

Re: Are VM Instances Isolated from One Another?

Post by michaln »

Memory pages get shared, usually 4K in size. VirtualBox currently only considers for sharing memory which the guest marked as read-only in its page tables. The memory is shared only if the pages are actually identical.

So no, information can't be leaked from one VM to another this way.
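A toy model of the copy-on-write page sharing discussed in this thread, added here as an illustration and not VirtualBox code: it uses the hash-then-full-compare scheme mpack guessed at (Page Fusion itself matches loaded modules, as michaln says), but it demonstrates the properties michaln states: only pages the guest marked read-only are candidates, only byte-identical pages are merged, and a write gives the writer a private copy. The VM names, guest addresses and page contents are constructed sample data.

```python
import hashlib
PAGE_SIZE = 4096  # "usually 4K", as michaln says

class Page:  # one guest page: content plus the read-only bit from the guest's page tables
    def __init__(self, data: bytes, read_only: bool):
        self.data, self.read_only = data.ljust(PAGE_SIZE, b"\0"), read_only

class Host:  # per-VM page maps plus the pool of shared frames
    def __init__(self):
        self.vms: dict[str, dict[int, Page]] = {}
        self.shared: dict[str, Page] = {}  # sha256 of content -> canonical frame

    def map_page(self, vm: str, gpa: int, data: bytes, read_only: bool = False):
        self.vms.setdefault(vm, {})[gpa] = Page(data, read_only)

    def is_shared(self, vm: str, gpa: int) -> bool:
        return any(self.vms[vm][gpa] is frame for frame in self.shared.values())

    def fuse(self) -> int:  # dedup pass; returns how many pages were aliased to a shared frame
        fused = 0
        for pages in self.vms.values():
            for gpa, page in pages.items():
                if not page.read_only:
                    continue  # writable RAM (passwords, keystroke buffers) is never a candidate
                digest = hashlib.sha256(page.data).hexdigest()
                frame = self.shared.setdefault(digest, page)
                if frame is not page and frame.data == page.data:  # hash match is only a hint
                    pages[gpa] = frame  # alias: both VMs now read the same physical frame
                    fused += 1
        return fused

    def write(self, vm: str, gpa: int, offset: int, data: bytes):  # guest store to a page
        page = self.vms[vm][gpa]
        if self.is_shared(vm, gpa):  # copy-on-write: the writer gets a private copy first
            page = self.vms[vm][gpa] = Page(page.data, read_only=False)
        page.data = page.data[:offset] + data + page.data[offset + len(data):]

def demo() -> dict:  # constructed scenario: private writable RAM plus one identical read-only library page per VM
    host = Host()
    for vm, private in (("trusted", b"password=hunter2"), ("hostile", b"keylogger buffer")):
        host.map_page(vm, 0x1000, private)
        host.map_page(vm, 0x2000, b"libfoo .text", read_only=True)
    fused = host.fuse()
    lib_shared = host.is_shared("trusted", 0x2000) and host.is_shared("hostile", 0x2000)
    host.write("hostile", 0x2000, 0, b"patched")  # hostile VM modifies its view of the library
    return {"fused": fused, "password_shared": host.is_shared("trusted", 0x1000),
            "lib_shared_before_write": lib_shared,
            "hostile_lib_shared_after_write": host.is_shared("hostile", 0x2000),
            "trusted_lib_intact": host.vms["trusted"][0x2000].data.startswith(b"libfoo .text")}
```

Only the library page is ever fused; the password page is skipped because the guest maps it writable, and the hostile VM's write lands in its own private copy while the trusted VM's frame is unchanged.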