sev-vmi/00seven

# 00SEVen -- Re-enabling VM Inspection for Confidential VMs

This is the umbrella repo of the 00SEVen research prototype. 00SEVen provides owners of confidential AMD SEV-SNP VMs (TEE VMs) with remote inspection capabilities for their VMs, including memory and register access, secure execution pausing, and access traps. The corresponding research paper "00SEVen -- Re-enabling Virtual Machine Forensics" was published at the USENIX Security 2024 conference on 14th August 2024 and is available as an open access publication.

## License

00SEVen
Copyright (C) 2025  CISPA - Helmholtz-Zentrum für Informationssicherheit gGmbH

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.

The license applies to all files in this repository (except for the AGPL license file itself),
explicitly including all patch files. Copyright headers in files might be outdated.
This license statement takes precedence.

## Set up the LibVMI Client with 00SEVen-TLS backend

```bash
# initial setup and build
./setup-client.sh

# rebuilding
cd libvmi/build/
make clean
make
```

## Set up SVSM with 00SEVen's in-VM VMI agent

Requires the pb-rs tool for generating the Rust files of the protobuf-based communication protocol.

```bash
# initial setup and build
./setup-vmi-agent.sh

# rebuilding
cd linux-svsm/
make clean
make
```

Also see the instructions in the README file of the linux-svsm submodule (in linux-svsm/).

## Build OVMF, patched QEMU, guest (VM) Linux kernel, patched host Linux kernel

First, you should follow the above instructions to build the VMI agent. Then:

```bash
cd linux-svsm/scripts/
./build.sh --package
```

Also see the instructions in the README file of the linux-svsm submodule (in linux-svsm/).

## Running the VM with 00SEVen agent

1. Follow the instructions of the linux-svsm README (linux-svsm/README.md) to install the patched host kernel, prepare the patched QEMU, and set up a VM with the SVSM guest kernel.

2. Afterwards, you can run the VM with 00SEVen's remote channel enabled using a command similar to this:

   ```bash
   cd linux-svsm/scripts/
   sudo ./launch-qemu.sh -hda guest.qcow2 -sev-snp -svsm ../svsm.bin -svsm-sock unused-sock -vsock
   ```

   where guest.qcow2 is your prepared VM image/disk (refer to step 1).

## Running the Proxy

Running the socat-based proxy is straightforward. First, update the host IP address in proxy/socat_relay.bash to the host address via which the proxy should be exposed. Then you can:

```bash
# either: run for a single session
cd proxy/
./socat_relay.bash

# or: run in a loop
cd proxy/
./loop_relay.sh
```

## Running the libVMI-based Client with 00SEVen-TLS backend

In short: build our libvmi version (see above), build the analysis scripts using analysis-scripts/compile_all.sh, and then run the respective policies.

Caveats:

- You need the correct symbol table of your guest VM OS (System.map from /boot/ inside the VM) and the offsets of the inspected kernel structures; please refer to the README file(s) of the libvmi subrepo (in libvmi/).
- You have to reference the symbol table file in a libvmi.conf file; see our example given in libvmi/our-config/libvmi.conf.
- Extracting the kernel struct offsets works by loading a kernel module inside the guest VM OS, which prints the offsets to the kernel log (readable via sudo dmesg); the offsets can then be adjusted in the policy files for your own guest VM kernel; see the README of our offset extraction module: analysis-scripts/policy-offset-finder/README.md
- In the libvmi.conf file, you must use the host IP as the name of the VM config entry, as shown in our sample; 00SEVen's libvmi backend uses the entry name as the IP for connecting to the host-located proxy.
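As an added example (not code from the 00SEVen repository), the following POSIX shell script checks a libvmi.conf against the two caveats above before a client session: every VM entry must be named by the IP address of the host-located proxy, and the entry's sysmap must point at an existing System.map. It assumes LibVMI's usual `name { key = "value"; ... }` entry syntax; the IP 192.0.2.10, the paths and the two sample configs it writes to a temporary directory are constructed placeholders, not the project's values.

```bash
#!/bin/sh
# Added example, not part of the 00SEVen repository.
# Sanity-checks a libvmi.conf for the 00SEVen-TLS backend:
#   - each VM entry's name must be an IPv4 address, because the backend
#     uses the entry name as the IP of the host-located proxy;
#   - the entry's sysmap must point at an existing System.map file.
# Assumes LibVMI's usual `name { key = "value"; ... }` entry syntax.

# Return 0 if $1 is a dotted-quad IPv4 address with octets in 0..255.
is_ipv4() {
    addr=$1
    echo "$addr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS
    IFS=.
    set -- $addr
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the names of all VM entries (lines of the form `name {`) in config $1.
conf_entry_names() {
    sed -n 's/^[[:space:]]*\([^[:space:]{][^[:space:]{]*\)[[:space:]]*{.*/\1/p' "$1"
}

# Print the quoted sysmap path of entry $2 in config $1 (empty if unset).
conf_sysmap() {
    awk -v want="$2" '
        $1 == want && $2 == "{" { inside = 1; next }
        inside && /^[[:space:]]*}/ { inside = 0 }
        inside && $1 == "sysmap" {
            sub(/^[^"]*"/, ""); sub(/".*$/, ""); print; exit
        }' "$1"
}

# Check every entry of config $1; return 0 only if all entries pass both rules.
check_libvmi_conf() {
    conf=$1
    status=0
    for name in $(conf_entry_names "$conf"); do
        if ! is_ipv4 "$name"; then
            echo "entry '$name': name must be the proxy host IP, not a VM name" >&2
            status=1
        fi
        sysmap=$(conf_sysmap "$conf" "$name")
        if [ -z "$sysmap" ] || [ ! -f "$sysmap" ]; then
            echo "entry '$name': sysmap '$sysmap' does not exist" >&2
            status=1
        fi
    done
    return $status
}

# Constructed demo data: an empty stand-in for the guest's System.map, one entry
# named by a placeholder proxy IP (192.0.2.10), and one named like a plain LibVMI
# VM with a missing sysmap. Neither file comes from the project.
demo_dir=$(mktemp -d)
: > "$demo_dir/System.map"
cat > "$demo_dir/good.conf" <<EOF
192.0.2.10 {
    ostype = "Linux";
    sysmap = "$demo_dir/System.map";
}
EOF
cat > "$demo_dir/bad.conf" <<EOF
myguest {
    ostype = "Linux";
    sysmap = "$demo_dir/missing.map";
}
EOF

for conf in "$demo_dir/good.conf" "$demo_dir/bad.conf"; do
    if check_libvmi_conf "$conf"; then
        echo "$conf: ok"
    else
        echo "$conf: rejected"
    fi
done
```

Run it against your real libvmi.conf by calling `check_libvmi_conf /path/to/libvmi.conf` instead of the demo loop; a non-zero exit means the client would either fail to reach the proxy (wrong entry name) or fail to resolve symbols (missing System.map).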

## Limitations

There are multiple limitations in the implementation, as this is a PoC research prototype. That is, it is not ready for secure production usage.

As an example, note that the in-VM agent currently has the public/private key pair for the TLS connection hardcoded. Instead, it should, e.g., be randomly generated or securely fetched from a remote source.

The memory access emulation on a trap is not yet extensively implemented in the agent. Instead, only a few sample instructions are emulated (MOV, ADD, CMPXCHG); see linux-svsm/src/forensics/access_emulation/.

The prototype does not yet implement the function / code execution traps described in the research paper.