Slide 1: Trusted Display on Untrusted Commodity Platforms

Miao Yu, Virgil D. Gligor, and Zongwei Zhou
CyLab and ECE Department, Carnegie Mellon University
{miaoy1, virgil}@andrew.cmu.edu, zongwei@alumni.cmu.edu
ACM CCS, Denver, Colorado, October 14, 2015
Copyright © 2015 Miao Yu, Virgil D. Gligor, and Zongwei Zhou
Slide 2: Secure Display Sharing

(Figure: many insensitive applications (Apps) and sensitive applications (SecApps) sharing one display. Picture: GEEK.COM, http://www.geek.com/wp-content/uploads/2010/04/qubesOS_many-appvms.jpg)

- Security goal: no malicious scraping or painting of SecApp output on shared displays.
Slide 3: Ideal Trusted Display

(Figure: SecApp 1, SecApp 2 and ordinary Apps on an unmodified operating system, all using one Graphics Processing Unit (GPU).)

Security while maintaining:
- Compatibility
- Trusted Computing Base assurance
- User perception
Slide 4: Related Work

(Figure: the same SecApp/App/unmodified-OS/GPU stack, compared by who manages the GPU: the commodity OS, or a full virtualization hypervisor, with the GPU inside the Trusted Computing Base (TCB). Each approach is marked X or ✓ against security, compatibility, assurance and user perception; neither approach satisfies all four.)
Slides 5-6: Background: GPU

(Figure: CPU programs (e.g., drivers, Apps) access GPU objects; GPU engines (display engine, processing engine, other engines) execute on them.)

GPU objects:
- Configuration registers
- Commands
- Instructions
- GPU address spaces: local page tables and the global page table (GGTT)
- Data (e.g., frame buffers)
Slides 7-8: Background: Full GPU Virtualization

(Figure: the GPU global page table (GGTT) partitioned between VM 1 and VM 2, with "ballooned" regions. Derived from Figure 7 of Tian et al., "A Full GPU Virtualization Solution with Mediated Pass-Through".)

- Multiplexes the GPU among VMs => access mediation and emulation for GPU objects, e.g., GPU configuration registers
- Reduces complexity => "address space ballooning" => non-contiguous GPU address space per VM
Slide 9: Insecurity of Full GPU Virtualization

(Figure: a GGTT whose VM1 and VM2 regions alternate between low and high addresses, against a single pair of base and bound registers.)

- GPU instructions could be malicious => base and bound registers
- Inadequate GPU hardware: a single base/bound register pair cannot enforce non-contiguous address spaces
Slide 10: In Summary

Full GPU Virtualization
- Insecure: inadequate GPU hardware; malicious GPU instructions break GPU address space separation
- Lacks assurance: unverifiable code base; multiplexing the GPU among VMs is complex, e.g., emulating accesses to all GPU configuration registers

Trusted Computing Base
- Incompatible with commodity OS/Apps: requires OS/App redesign
- TCB loses its assurance: code becomes large and complex
Slide 11: GPU Separation Kernel (GSK)

- Step 1: Separate
- Step 2: Mediate
- Step 3: Emulate
Slides 12-13: GSK: Separation

(Figure: App 1 and other Apps on an unmodified OS above the GPU; the GSK partitions GPU objects into sensitive objects (very few) and insensitive objects (the vast majority).)

- Separate security-sensitive from insensitive GPU objects => security model (informal)
- Addressed: large and complex (unverifiable) code base
Slide 14: GSK: Mediation

(Figure: SecApp 1 uses the GSK's interfaces for trusted display; the GSK's access mediation sits between the unmodified OS/Apps and the GPU.)

- Mediate ALL accesses to security-sensitive objects by ALL GPU instructions
- Challenge: inadequate GPU hardware for mediation and complex instruction behavior
Slide 15: GSK: Mediation

Inadequate GPU hardware and complex behaviors. GPU instructions:
- cannot be intercepted by the GPU during execution
- can access global memory via the global page table (GGTT)
- can access all frame buffers
- have complex behaviors when accessing sensitive objects

Solutions:
- Assign GPU instructions to separate address spaces
- Prevent GPU instruction access to sensitive objects while maintaining compatibility
- Map GPU instruction behaviors to Read/Write and Config. Change accesses
- Enforce access invariants
Slides 16-18: GPU Address Space Separation

(Figure: GPU instructions resolve addresses through the global page table (GGTT) into physical memory holding sensitive and insensitive objects. The GSK introduces a shadow GGTT (GGTT') for GPU instructions, from which the sensitive objects are absent.)

- Addressed: inadequate GPU hardware and access mapping
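As an added illustration (not code from the paper or the GSK), this Python model contrasts the two mechanisms from slides 9 and 16-18: a single base/bound register pair over a ballooned (non-contiguous) GGTT, versus a shadow GGTT that unmaps sensitive objects from the GPU instruction address space. The page layout, owners and physical page numbers are constructed sample data.

```python
SENSITIVE, INSENSITIVE = "sensitive", "insensitive"

# Constructed ballooned GGTT: GPU page index -> (owner VM, physical page, sensitivity).
# VM1 and VM2 interleave, so neither VM's region is contiguous.
GGTT = {
    0: ("VM1", 100, INSENSITIVE),
    1: ("VM1", 101, INSENSITIVE),
    2: ("VM2", 200, INSENSITIVE),
    3: ("VM2", 201, INSENSITIVE),
    4: ("VM1", 102, SENSITIVE),    # e.g. a SecApp frame buffer owned by VM1
    5: ("VM2", 202, INSENSITIVE),
}

def tightest_base_bound(owner, ggtt=GGTT):
    """Smallest [base, bound) range that still covers every page the VM owns."""
    pages = [p for p, (o, _, _) in ggtt.items() if o == owner]
    return min(pages), max(pages) + 1

def base_bound_allows(base, bound, gpu_page):
    """The only check a single base/bound register pair can express."""
    return base <= gpu_page < bound

def base_bound_leaks(owner, base, bound, ggtt=GGTT):
    """Pages reachable under base/bound that the VM does not own (sorted)."""
    return sorted(p for p, (o, _, _) in ggtt.items()
                  if base_bound_allows(base, bound, p) and o != owner)

def shadow_ggtt(ggtt=GGTT):
    """Shadow GGTT (GGTT') handed to GPU instructions: sensitive objects unmapped.
    The real GGTT with the sensitive mappings stays under GSK control."""
    return {p: e for p, e in ggtt.items() if e[2] == INSENSITIVE}

def instruction_access(gpu_page, ggtt):
    """Resolve a GPU instruction's access; None models a fault (no mapping)."""
    entry = ggtt.get(gpu_page)
    return None if entry is None else entry[1]

if __name__ == "__main__":
    base, bound = tightest_base_bound("VM2")
    print("VM2 base/bound", (base, bound), "leaks", base_bound_leaks("VM2", base, bound))
    print("sensitive page via GGTT' ->", instruction_access(4, shadow_ggtt()))
```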
Slide 19: GSK: Emulation

(Figure: App 1, Apps and SecApp 1 above the unmodified OS; the GSK provides access mediation, emulation, and interfaces for trusted display over the GPU.)

- Preserves compatibility of access to shared objects, e.g., both OS/Apps and the GSK access the frame buffer base register
- Addressed: incompatibility with commodity platforms
Slide 20: GSK: Design

(Figure: the GSK (access mediation and emulation) runs on a micro-hypervisor beneath the unmodified OS, Apps and SecApp 1.)

- Relies on existing primitives of a formally verified micro-hypervisor (μHV): access control to CPU physical memory
- Addressed: maintain assurance of the underlying code
Slide 21: GSK: Design

(Figure: the OS/Apps frame buffer and the SecApps' frame buffer are composed onto the screen.)

- Screen overlay: displays SecApps over OS/Apps
- Addressed: maintain users' perception
Slide 22: Evaluation: Size & Complexity

Table columns: GPU Object | All Objects | Mediation in Full GPU Virtualization | GSK
- Data (e.g., frame buffer, input/output for processing): 2 GB data | "out-of-the-VM" | ~6 MB
- Configuration Registers: 62571139
- Page Table: All
- Commands: 2694321
- Instructions: 6614 (Ignored)0

- Only a few GPU objects require mediation
- Much smaller trusted code size: GSK + μHV (~36K SLoC) << Full GPU Virtualization (>10M SLoC)
Slide 23: Evaluation: Performance (Throughput)

(Chart: throughput with μHV only versus μHV + trusted display.)

- The un-optimized μHV causes most of the overhead
Slide 24: Evaluation: Performance (Latency)

(Chart: per-frame latency in ms for native, μHV only, and μHV + trusted display.)

- The un-optimized μHV causes most frame jitter
Slide 25: Take-Away Points

Trusted display:
- Secure
- Compatible with commodity software/hardware
- Preserves assurance of the underlying trusted code
- Maintains a typical user's perception

Approach:
- Separate, mediate, and emulate GPU accesses
- Screen overlay
Slide 26: Backup
Slide 27: Security Protection

(Figure: a Sensitive App (SecApp) beside an App on the Operating System (OS), with the keyboard, graphic controller, and a network connection (with crypto) to a server; the SecApp is the protected component.)
Slide 28: Discussion

SecApps that require GPU acceleration:
- Need to extend the scope of sensitive GPU objects
- Still simpler than full GPU virtualization

GPU hardware enhancement:
- Separate sensitive and insensitive GPU registers and memory into different aligned pages
- Support R/W access control in all GPU page tables
Slide 29: Screen Sharing

(Figure: OS/App frame buffer 1, SecApp frame buffer 2, SecApp frame buffer 3, ... all composed onto one screen.)

- Challenge: ideal trusted display when the screen and GPU are shared at any time (not exclusively)
Slide 30: Evaluation: Performance (Latency)

(Chart: per-frame latency in ms for native, μHV only, and μHV + trusted display, against the maximum acceptable latency.)

- The un-optimized μHV further degrades user experience