Passthrough

55 views
Skip to first unread message

Drew White

unread,
Nov 24, 2016, 6:55:27 PM11/24/16
to qubes-users
Is there any way that I can pass through all real hardware specifics to the guest to make it not think it's running under xen? (primarily Windows)

Jean-Philippe Ouellet

unread,
Nov 24, 2016, 10:30:43 PM11/24/16
to Drew White, qubes-users
On Thu, Nov 24, 2016 at 6:55 PM, Drew White <drew....@gmail.com> wrote:
> Is there any way that I can pass through all real hardware specifics to the guest to make it not think it's running under xen? (primarily Windows)

Malware trying to determine if it's on bare metal will likely always
be able to do so, other classes of software should "Just Work" in HVM
and (barring bugs in device emulation) are not likely to care.

Is there a particular reason you ask?

Drew White

unread,
Nov 24, 2016, 10:53:55 PM11/24/16
to qubes-users, drew....@gmail.com

I'm asking because I want to know if there is a way or not.
To get some software to work properly it needs to be able to read certain parts of the system to get the identity and generate the keys to identify the pc as the pc to activate. I.E. it can't be run on multiple PCs, only the one that I registered it on.

raah...@gmail.com

unread,
Nov 25, 2016, 6:23:56 AM11/25/16
to qubes-users
On Thursday, November 24, 2016 at 6:55:27 PM UTC-5, Drew White wrote:
> Is there any way that I can pass through all real hardware specifics to the guest to make it not think it's running under xen? (primarily Windows)

what? lol

Salmiakki

unread,
Nov 25, 2016, 7:16:16 AM11/25/16
to qubes-users
On Friday, November 25, 2016 at 12:55:27 AM UTC+1, Drew White wrote:
> Is there any way that I can pass through all real hardware specifics to the guest to make it not think it's running under xen? (primarily Windows)

It depends on what exactly is used as input to creating this device identifier but it's extremely unlikely that you will be able to pass through all the necessary devices. You might be able to fake some of it, though. There is no support from qubes except for PCI passthrough.

Desobediente

unread,
Nov 25, 2016, 7:36:42 AM11/25/16
to qubes-users
In the settings tab on the qubes manager you could passthrough almost everything. For example, if you passthrough the video card, your screen will black out.

As for these checking algorithms, everything can be faked, which implies the very idea of checking the system is broken because you can run your "system checking" software everywhere you want to, because with virtualization, you can tell the operating system whatever you want to.

Modern and clever software for checking COULD bypass some things, what would require you to recompile qubes/xen to apply more aggressive means to fool the windows guest.

Salmiakki

unread,
Nov 25, 2016, 9:01:39 AM11/25/16
to qubes-users
On Friday, November 25, 2016 at 1:36:42 PM UTC+1, Desobediente wrote:
> As for these checking algorithms, everything can be faked,

Not really pertinent to this discussion but PUFs: https://en.wikipedia.org/wiki/Physical_unclonable_function

Drew White

unread,
Nov 27, 2016, 7:20:50 PM11/27/16
to qubes-users
On Friday, 25 November 2016 23:36:42 UTC+11, Desobediente wrote:
> In the settings tab on the qubes manager you could passthrough almost everything. For example, if you passthrough the video card, your screen will black out.

I don't want to pass through the device from dom0 to the guest, I jsut want everything that the guest sees to be the physical device that is faked to be as it really is. Not remove it from dom0 and everything else, because that would mean that qubes would stop working because the device isn't shared.

Reply all
Reply to author
Forward
0 new messages