Confidential computing for OpenPOWER

This paper presents Protected Execution Facility (PEF), a virtual machine-based Trusted Execution Environment (TEE) for confidential computing on Power ISA. PEF enables protected secure virtual machines (SVMs). Like other TEEs, PEF verifies the SVM prior to execution. PEF utilizes a Trusted Platform Module (TPM), secure boot, and trusted boot, as well as newly introduced architectural changes for Power ISA systems. Exploiting these architectural changes requires new firmware, the Protected Execution Ultravisor. PEF is supported in the latest version of the POWER9 chip. PEF demonstrates that combining access control for isolation with cryptography for confidentiality is an effective approach to confidential computing. We particularly focus on how our design (i) balances between access control and cryptography, (ii) maximizes the use of existing security components, and (iii) simplifies the management of the SVM life cycle. Finally, we evaluate the performance of SVMs in comparison to normal virtual machines on OpenPOWER systems.
