Devlore: Extending Arm CCA to Integrated Devices A Journey Beyond Memory to Interrupt Isolation

• URL: http://arxiv.org/abs/2408.05835v1
• Date: Sun, 11 Aug 2024 17:33:48 GMT
• Title: Devlore: Extending Arm CCA to Integrated Devices A Journey Beyond Memory to Interrupt Isolation
• Authors: Andrin Bertschi, Supraja Sridhara, Friederike Groschupp, Mark Kuhne, Benedict Schlüter, Clément Thorens, Nicolas Dutly, Srdjan Capkun, Shweta Shinde,
• Abstract summary: Arm Confidential Computing Architecture executes sensitive computation in an abstraction called realm. CCA does not allow integrated devices on the platform to access realm. We present Devlore which allows realm to directly access integrated peripherals.
• Score: 10.221747752230131
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Arm Confidential Computing Architecture (CCA) executes sensitive computation in an abstraction called realm VMs and protects it from the hypervisor, host OS, and other co-resident VMs. However, CCA does not allow integrated devices on the platform to access realm VMs and doing so requires intrusive changes to software and is simply not possible to achieve securely for some devices. In this paper, we present Devlore which allows realm VMs to directly access integrated peripherals. Devlore memory isolation re-purposes CCA hardware primitives (granule protection and stage-two page tables), while our interrupt isolation adapts a delegate-but-check strategy. Our choice of offloading interrupt management to the hypervisor but adding correctness checks in the trusted software allows Devlore to preserve compatibility and performance. We evaluate Devlore on Arm FVP to demonstrate 5 diverse peripherals attached to realm VMs.

Related papers

• Preventing Rowhammer Exploits via Low-Cost Domain-Aware Memory Allocation [46.268703252557316]
  Rowhammer is a hardware security vulnerability at the heart of every system with modern DRAM-based memory. C Citadel is a new memory allocator design that prevents Rowhammer-initiated security exploits. C Citadel supports thousands of security domains at a modest 7.4% average memory overhead and no performance loss.
  arXiv  Detail & Related papers  (2024-09-23T18:41:14Z)
• Cabin: Confining Untrusted Programs within Confidential VMs [13.022056111810599]
  Confidential computing safeguards sensitive computations from untrusted clouds. CVMs often come with large and vulnerable operating system kernels, making them susceptible to attacks exploiting kernel weaknesses. This study proposes Cabin, an isolated execution framework within guest VM utilizing the latest AMD SEV-SNP technology.
  arXiv  Detail & Related papers  (2024-07-17T06:23:28Z)
• SNPGuard: Remote Attestation of SEV-SNP VMs Using Open Source Tools [3.7752830020595796]
  Cloud computing is a ubiquitous solution to handle today's complex computing demands. VM-based Trusted Execution Environments (TEEs) are a promising solution to solve this issue. They provide strong isolation guarantees to lock out the cloud service provider.
  arXiv  Detail & Related papers  (2024-06-03T10:48:30Z)
• WeSee: Using Malicious #VC Interrupts to Break AMD SEV-SNP [2.8436446946726557]
  AMD SEV-SNP offers VM-level trusted execution environments (TEEs) to protect sensitive cloud workloads. WeSee attack injects malicious #VC into a victim VM's CPU to compromise the security guarantees of AMD SEV-SNP. Case-studies demonstrate that WeSee can leak sensitive VM information (kTLS keys for NGINX), corrupt kernel data (firewall rules), and inject arbitrary code.
  arXiv  Detail & Related papers  (2024-04-04T15:30:13Z)
• Heckler: Breaking Confidential VMs with Malicious Interrupts [2.650561978417805]
  Heckler is a new attack wherein the hypervisor injects malicious non-timer interrupts to break the confidentiality and integrity of CVMs. With AMD SEV-SNP and Intel TDX, we demonstrate Heckler on OpenSSH and to bypass authentication.
  arXiv  Detail & Related papers  (2024-04-04T11:37:59Z)
• HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
  arXiv  Detail & Related papers  (2024-01-17T00:56:23Z)
• Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker [49.1574468325115]
  Software services place implicit trust in the cloud provider, without an explicit trust relationship. There is currently no cloud provider that exposes Trusted Platform Module capabilities. We improve trust by integrating a virtual TPM device into the Firecracker, originally developed by Amazon Web Services.
  arXiv  Detail & Related papers  (2023-10-05T13:13:55Z)
• FusionAI: Decentralized Training and Deploying LLMs with Massive Consumer-Level GPUs [57.12856172329322]
  We envision a decentralized system unlocking the potential vast untapped consumer-level GPU. This system faces critical challenges, including limited CPU and GPU memory, low network bandwidth, the variability of peer and device heterogeneity.
  arXiv  Detail & Related papers  (2023-09-03T13:27:56Z)
• virtCCA: Virtualized Arm Confidential Compute Architecture with TrustZone [14.919299635479046]
  ARM recently introduced the Confidential Compute Architecture (CCA) as part of the upcoming ARMv9-A architecture. We present virtCCA, an architecture that facilitates CCA using TrustZone, a mature hardware feature available on existing ARM platforms. virtCCA is fully compatible with the CCA specifications at the API level.
  arXiv  Detail & Related papers  (2023-06-19T15:19:50Z)
• FLEdge: Benchmarking Federated Machine Learning Applications in Edge Computing Systems [61.335229621081346]
  Federated Learning (FL) has become a viable technique for realizing privacy-enhancing distributed deep learning on the network edge. In this paper, we propose FLEdge, which complements existing FL benchmarks by enabling a systematic evaluation of client capabilities.
  arXiv  Detail & Related papers  (2023-06-08T13:11:20Z)
• Dynamic Split Computing for Efficient Deep Edge Intelligence [78.4233915447056]
  We introduce dynamic split computing, where the optimal split location is dynamically selected based on the state of the communication channel. We show that dynamic split computing achieves faster inference in edge computing environments where the data rate and server load vary over time.
  arXiv  Detail & Related papers  (2022-05-23T12:35:18Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.