Cabin: Confining Untrusted Programs within Confidential VM

EasyChair Preprint no. 13841

Abstract

Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system kernels, making them susceptible to attacks exploiting kernel weaknesses. The imprecise control over read/write access in the page table has allowed attackers to exploit vulnerabilities. The lack of security hierarchy leads to insufficient separation between user and kernel space, making the kernel susceptible to direct threats from untrusted programs. This study proposes Cabin, an isolated execution framework within guest VM utilizing the latest AMD SEV-SNP technology. Cabin shields untrusted processes to the user space of a lower VMPL by introducing a proxy-kernel between the confined processes and the guest OS. Furthermore, we propose execution protection mechanisms based on fine-gained control of VMPL privilege for vulnerable programs and the proxy-kernel to minimize the attack surface. We introduce asynchronous forwarding machanism and anonymous memory management to reduce the performance impact. The evaluation results show that the Cabin framework incurs a modest overhead (5% on average) on Nbench and WolfSSL benchmarks.

Keyphrases: Confidential Computing, Encrypted Virtualization, Execution-Only Memory, Intra-process isolation, Syscall Filtering, Trusted Execution Environment

@Booklet{EasyChair:13841,
  author = {Benshan Mei and Saisai Xia and Wenhao Wang and Dongdai Lin},
  title = {Cabin: Confining Untrusted Programs within Confidential VM},
  howpublished = {EasyChair Preprint no. 13841},

  year = {EasyChair, 2024}}