
NoirVisor Development Status Report by Sept 2021

2021-09-22 - Virtualization Technology

It has been almost a year since I last updated my blog about Project NoirVisor. Here I will list some achievements and future plans of Project NoirVisor.

The first achievement is that I found a dilemma in countering time profilers. One VM-detection technique counts the number of cycles elapsed while executing an instruction that induces a VM-Exit. A sound way to counter such a time profiler is to omit the TSC (time stamp counter) cycles elapsed during VM-Exit handling. Nevertheless, this technique backfires on system stability: on a multi-processing system, doing so could result in the system going haywire.
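The dilemma can be seen in a small model, added here as an illustration and not taken from NoirVisor's code. It assumes the hypervisor hides exit time by lowering a per-core guest TSC offset, and it shows one way a multi-processor guest can then misbehave (time running backwards between cores); the cycle counts are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define NCPU        2
#define EXIT_COST   1500  /* constructed: cycles spent handling one VM-Exit */
#define NATIVE_COST 100   /* constructed: cycles the instruction costs natively */

typedef struct {
    uint64_t host_tsc;      /* hardware TSC, synchronized across cores */
    int64_t  offset[NCPU];  /* per-core guest TSC offset (assumed mechanism) */
    int      hide;          /* 1 = omit VM-Exit handling time from guest TSC */
} model_t;

/* Guest-visible TSC on a given core: hardware counter plus that core's offset. */
static uint64_t guest_rdtsc(const model_t *m, int cpu) {
    return m->host_tsc + (uint64_t)m->offset[cpu];
}

/* Run one exit-inducing instruction on `cpu`. */
static void exiting_insn(model_t *m, int cpu) {
    m->host_tsc += NATIVE_COST + EXIT_COST;
    if (m->hide)
        m->offset[cpu] -= EXIT_COST;  /* only this core's offset changes */
}

/* Time profiler: cycles the guest observes around one exiting instruction. */
uint64_t profile_once(int hide) {
    model_t m = { 1000000, {0, 0}, hide };
    uint64_t t0 = guest_rdtsc(&m, 0);
    exiting_insn(&m, 0);
    return guest_rdtsc(&m, 0) - t0;
}

/* Core 0 takes `exits` VM-Exits while core 1 takes none. The guest then reads
 * the TSC on core 1, `gap` cycles pass, and it reads again on core 0.
 * A negative result means guest time ran backwards. */
int64_t cross_core_delta(int hide, int exits, uint64_t gap) {
    model_t m = { 1000000, {0, 0}, hide };
    for (int i = 0; i < exits; i++)
        exiting_insn(&m, 0);
    uint64_t first = guest_rdtsc(&m, 1);
    m.host_tsc += gap;
    uint64_t second = guest_rdtsc(&m, 0);
    return (int64_t)second - (int64_t)first;
}

int main(void) {
    printf("profiler sees, no hiding: %llu\n", (unsigned long long)profile_once(0));
    printf("profiler sees, hiding:    %llu\n", (unsigned long long)profile_once(1));
    printf("cross-core delta, no hiding: %lld\n", (long long)cross_core_delta(0, 10, 500));
    printf("cross-core delta, hiding:    %lld\n", (long long)cross_core_delta(1, 10, 500));
    return 0;
}
```

With hiding enabled the profiler sees the native cost, but the two cores' guest-visible counters drift apart by the total hidden time.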

The second achievement is the completion of the NPIEP feature on SVM-Core. NPIEP, which stands for Non-Privileged Instruction Execution Prevention, is a virtualization-based security feature that aims to prevent execution of four instructions in user mode: sidt, sgdt, sldt and str. These four are system instructions, yet they are also allowed to execute in user mode, which might leak system information. With NPIEP, the hypervisor intercepts these four instructions and returns an irrelevant value to mitigate the leak of system information.

NoirVisor is a very big project that requires quite a lot of commitment to accomplish. In February this year, I decided to implement a feature called Customizable VM. This feature aims to compete with the API set called Windows Hypervisor Platform. Currently, NoirVisor has completed the scheduler in SVM-Core. Switching between VM and Host should behave correctly, although I haven’t tested it. However, please note that Customizable VM is not ready, so test cases are not yet available. Once this feature is ready, I will write a blog post introducing the whole mechanism of implementing a virtual machine.

Future updates regarding NoirVisor should be about nested virtualization, Customizable VM, porting to UEFI, and IOMMU development. Some smaller features, if I find them interesting, might be implemented before the bigger ones. For example, NPIEP on VT-Core might be implemented next if I get a chance to play with machines with Intel CPUs.
