Question

What's still non-isolated wrt information security when two guest OSs are running on a hypervisor?

Answer 1

motivation for isolating guest OSs from each other and the underlying hypervisor and host OS is the mitigation of side-channel attacks. These attacks exploit the physical properties of hardware to revealinformation about usage patterns for memory access, CPU use, and other resources. A common goal of these attacks is to reveal cryptographic keys.

These attacks are considered difficult, usually requiring direct physical access to the host.

Attackers may attempt to break out of a guest OS so that they can access the hypervisor, other guest OSs, or the underlying host OS. Breaking out of a guest OS is also known as escape. If an attacker can successfully escape a guest OS and gain access to the hypervisor, the attacker might be able to compromise the hypervisor and gain control over all of its guest OSs. So the hypervisor provides a single point of security failure for all the guest OSs; a single breach of the hypervisor places all the guest OSs at high risk.

Guest OSs are often not completely isolated from each other and from the host OS because that would prevent necessary functionality. For example, many hosted virtualization solutions provide mechanisms called guest tools through which a guest OS can access files, directories, the copy/paste buffer, and other resources on the host OS or another guest OS. These communication mechanisms can inadvertently serve as an attack vector, such as transmitting malware or permitting an attacker to gain access to particular resources. Bare metal virtualization software does not offer such sharing capabilities

The hypervisor is fully aware of the current state of each guest OS it controls. As such, the hypervisor may have the ability to monitor each guest OS as it is running, which is known as introspection.

For many virtualization products, the hypervisor can incorporate additional security controls or interface with external security controls and provide information to them that was gathered through introspection. Examples include firewalling, intrusion detection, and access control.