
吴昊-Secure IO for Virtualization-Based Trusted Execution Environment.pdf

Uploader: 张** ID: 159358 2024-04-05 9 pages 344.42KB

Slide 1: Secure IO for Virtualization-Based Trusted Execution Environment
Wu Hao, 2024/03
Agenda:
- Background
- Secure IO Introduction
- Linux upstream update

Slide 2: Background
- Trusted Execution Environment (TEE) VM, e.g. Intel Trust Domain Extensions (TDX)
- Current direct IO model limitations:
  - IO data needs to be bounced to a shared staging buffer
  - Additional software-based cryptographic techniques required for data protection
[Figure, current direct IO: VMM, TVM, Trust Compute Boundary, IO Data, Device, Shared Memory, Encrypt & Copy-out, Decrypt & Copy-in, DMA (w/ encryption/decryption)]
[Figure, Secure IO: TVM, Trust Compute Boundary, IO Data, Device]

Slide 3: Secure IO
- Accept trusted device into the TVM's TCB
- Device Attestation
- Device DMA to private memory
- Private Device MMIO access
- DMA/MMIO access control and isolation
- Physical Data Link Protection
- New industry standards to define the software and hardware extensions needed to support Secure IO: PCIe* TEE Device Interface Security Protocol (TDISP)

Slide 4: PCI-SIG standards of Secure IO (TEE-IO) architecture
TEE Device Interface Security Protocol (TDISP) requires:
- Device Attestation (SPDM, CMA)
- Establish trust channel between TSM and DSM (SPDM)
- Secure the interconnect between the host and device (IDE)
- Secure attach/detach TDIs to a TVM (TDISP state machine)
- Trusted MMIO/DMA support and access control
[Figure: TDISP Host/Device Reference Architecture, from PCIe* TDISP spec]

Slide 5: Secure IO, TDISP state machine
- UNLOCK: allow untrusted MMIO/DMA
- LOCKED: prevent untrusted MMIO/DMA
- RUN: allow trusted MMIO/DMA
- ERROR: stopped due to error
[Figure: TDISP state machine, from PCIe* TDISP spec]

Slide 6: Secure IO High Level Architecture (Draft)
- Based on existing direct IO framework (VFIO)
- New TSM driver to manage Secure IO life cycles / TDI state machine
- Common TSM code/ABIs vs arch-specific implementation
- Enlighten Guest OS to manage attached TDI
- GHCx Guest/Host Communicat
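The TDISP state machine on slide 5 is easiest to reason about as a policy table plus a transition function, which is roughly what the "new TSM driver" on slide 6 would have to enforce. The following is an added example written for this page, not code from the slides or from the Linux TSM work they describe. The four states and their allow/prevent rules are taken from the page; the LOCK / START / STOP requests and the rule that START is refused until attestation has succeeded follow the PCIe TDISP attach flow and are this example's assumptions, as are all the type and function names.

```c
#include <stdbool.h>
#include <stdio.h>

/* States as listed on slide 5 (assumed identifier names). */
enum tdi_state { TDI_UNLOCK, TDI_LOCKED, TDI_RUN, TDI_ERROR };

/* Events the TSM-side driver handles (assumed names, modelled on TDISP's
 * LOCK_INTERFACE / START_INTERFACE / STOP_INTERFACE requests). */
enum tdi_event {
    EV_LOCK,       /* TSM locks the TDI configuration */
    EV_ATTEST_OK,  /* device/interface report verified (SPDM, CMA) */
    EV_START,      /* TSM asks the device to move the TDI to RUN */
    EV_STOP,       /* TSM detaches the TDI, back to UNLOCK */
    EV_FAULT       /* device or TSM detected an error */
};

struct tdi {
    enum tdi_state state;
    bool attested;   /* set once attestation succeeded while LOCKED */
};

static const char *tdi_state_name(enum tdi_state s)
{
    switch (s) {
    case TDI_UNLOCK: return "UNLOCK";
    case TDI_LOCKED: return "LOCKED";
    case TDI_RUN:    return "RUN";
    case TDI_ERROR:  return "ERROR";
    }
    return "?";
}

/* Access policy per state, straight from slide 5: untrusted MMIO/DMA only
 * in UNLOCK, trusted MMIO/DMA only in RUN, nothing in LOCKED or ERROR. */
bool tdi_access_allowed(enum tdi_state s, bool trusted)
{
    switch (s) {
    case TDI_UNLOCK: return !trusted;
    case TDI_RUN:    return trusted;
    case TDI_LOCKED: return false;
    case TDI_ERROR:  return false;
    }
    return false;
}

/* Apply one event. Returns true if the transition is legal; an illegal
 * event leaves the state untouched so the caller can log and refuse it. */
bool tdi_handle(struct tdi *t, enum tdi_event ev)
{
    switch (t->state) {
    case TDI_UNLOCK:
        if (ev != EV_LOCK)
            return false;
        t->state = TDI_LOCKED;
        t->attested = false;         /* a fresh lock needs fresh attestation */
        return true;
    case TDI_LOCKED:
        if (ev == EV_ATTEST_OK) { t->attested = true; return true; }
        if (ev == EV_START) {
            if (!t->attested)        /* never RUN an unattested device */
                return false;
            t->state = TDI_RUN;
            return true;
        }
        if (ev == EV_STOP)  { t->state = TDI_UNLOCK; t->attested = false; return true; }
        if (ev == EV_FAULT) { t->state = TDI_ERROR; return true; }
        return false;
    case TDI_RUN:
        if (ev == EV_STOP)  { t->state = TDI_UNLOCK; t->attested = false; return true; }
        if (ev == EV_FAULT) { t->state = TDI_ERROR; return true; }
        return false;
    case TDI_ERROR:
        if (ev != EV_STOP)
            return false;
        t->state = TDI_UNLOCK;       /* the only way out of ERROR is a detach */
        t->attested = false;
        return true;
    }
    return false;
}

/* Attach sequence the TSM driver would drive: lock, attest, start.
 * Returns the resulting state: RUN on success, ERROR if attestation failed. */
enum tdi_state tdi_attach(struct tdi *t, bool attestation_ok)
{
    if (!tdi_handle(t, EV_LOCK))
        return t->state;
    if (!attestation_ok) {
        tdi_handle(t, EV_FAULT);
        return t->state;
    }
    tdi_handle(t, EV_ATTEST_OK);
    tdi_handle(t, EV_START);
    return t->state;
}

int main(void)
{
    struct tdi t = { TDI_UNLOCK, false };
    enum tdi_state s = tdi_attach(&t, true);
    printf("after attach: %s, trusted DMA allowed=%d, untrusted DMA allowed=%d\n",
           tdi_state_name(s), tdi_access_allowed(s, true), tdi_access_allowed(s, false));
    tdi_handle(&t, EV_STOP);
    printf("after detach: %s\n", tdi_state_name(t.state));
    return 0;
}
```

The point of the table is that no state allows both trusted and untrusted access: a TDI is either still the VMM's device (UNLOCK) or the TVM's device (RUN), with LOCKED as the window in which attestation runs and nothing can touch it, and ERROR as a dead end that only a detach clears.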

This document examines Secure IO for virtualization-based trusted execution, presented by Wu Hao (hao.wu@intel.com) in March 2024. The background section describes the limitations of the current direct IO model inside a Trusted Execution Environment (TEE): data has to be bounced through a shared buffer, and additional software-based encryption is needed to protect it. The document then details the Secure IO architecture, including accepting a trusted device into the TEE's TCB, device attestation, DMA to private memory, private device MMIO access, and DMA/MMIO access control and isolation. It also introduces new industry standards such as the PCIe* TEE Device Interface Security Protocol (TDISP) that support Secure IO. Finally, it presents the Linux upstream update, including the Linux Confidential Computing mailing list and RFCs, and encourages readers to join the community discussion.