README.md

MlsDisk

Introduction

MlsDisk is a multilayered log-structured secure virtual disk for TEEs, which has the following key features:

  • Transparent protection. As a virtual disk, MlsDisk can transparently protect any file system (e.g., Ext4) that is stacked upon it and runs inside a Trusted Execution Environment (TEE) from a strong adversary outside the TEE.

  • Strong security. MlsDisk promises six security properties: confidentiality, integrity, freshness, consistency, atomicity, and irreversibility. For more information, see the section Security Guarantees below.

  • High performance. Thanks to its unique multilayered log-structured design, MlsDisk can deliver an excellent I/O performance that is close to the theoretically optimal level.

Overview

MlsDisk targets a typical setting of TEE usage, where applications are ported into the TEE with no (or few) modifications thanks to a TEE-aware runtime. For enclave TEEs (e.g., Intel SGX), one popular choice for such a runtime is library OSes (e.g., Occlum). For VM TEEs (e.g., AMD SEV), one can choose off-the-shelf OS kernels like Linux.

Figure: The threat model of MlsDisk.

As shown in the figure above, the TEE runtime is integrated with MlsDisk, which serves as a secure block device supporting the three standard block I/O commands read(), write(), and sync(). From the perspective of MlsDisk's users (e.g., file systems), all data written to or read from MlsDisk is in plaintext. To serve these I/O requests securely, MlsDisk takes extra security measures, including but not limited to properly encrypting/decrypting the data transferred to/from the untrusted host block device.

Security Guarantees

MlsDisk promises to provide six security guarantees to its users (e.g., file systems), outlined as follows:

  • Confidentiality guarantees that the user data submitted by any write is not leaked and thus prevents snooping attacks.
  • Integrity promises that the user data returned from any read is genuinely generated by the user and thus prevents tampering attacks.
  • Freshness ensures that the user data returned from any read is up-to-date and thus prevents rollback attacks.
  • Consistency ensures that all the security guarantees hold despite any accidental crashes or crashing attacks.
  • Atomicity promises that all writes before a sync operation are persisted in an all-or-nothing manner.
  • Irreversibility promises that the sync operation is irreversible regardless of whether the TEE is online or not.

Prior disk I/O protection solutions only provide a subset of MlsDisk's security guarantees. For example, Linux's dm-crypt and dm-integrity only protect confidentiality and integrity, respectively. Although Linux's dm-verity ensures both integrity and freshness, it is read-only. As another example, Intel SGX Protected File System Library protects confidentiality, integrity, freshness, and consistency, but falls short of atomicity and irreversibility.
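The following toy model, written for this README and not taken from MlsDisk's code base, illustrates the difference between the first three guarantees and shows why integrity alone does not give freshness. An in-TEE layer encrypts each block, MACs (block id, version, ciphertext), and keeps a version table that never leaves the TEE; a host-side adversary then snoops, flips a ciphertext bit (which an encrypt-only design such as the dm-crypt baseline would silently decrypt), and replays an older record. The keystream construction, block size and key are constructed placeholders, not MlsDisk's actual cipher or parameters.

```python
import hmac, hashlib, struct
BLOCK = 16  # constructed toy block size; the page does not state MlsDisk's real block size
KEY = b"\x11" * 32  # constructed demo key; a real deployment derives it inside the TEE

class SecureDisk:
    """Toy in-TEE layer over an untrusted host store (a dict the adversary fully controls):
    per-block encryption, a MAC binding (block id, version, ciphertext), and a TEE-resident version table."""
    def __init__(self, host, key):
        self.host = host  # block id -> (version, ciphertext, tag); readable and writable by the host
        self.enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
        self.mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
        self.versions = {}  # trusted, never leaves the TEE: block id -> latest committed version
    def _keystream(self, bid, ver):
        # Toy keystream (HMAC keyed by block id and version); a real design uses a proper cipher.
        return hmac.new(self.enc_key, struct.pack(">QQ", bid, ver), hashlib.sha256).digest()[:BLOCK]
    def _tag(self, bid, ver, ct):
        return hmac.new(self.mac_key, struct.pack(">QQ", bid, ver) + ct, hashlib.sha256).digest()
    def write(self, bid, data):
        ver = self.versions.get(bid, 0) + 1
        ct = bytes(a ^ b for a, b in zip(data, self._keystream(bid, ver)))
        self.host[bid] = (ver, ct, self._tag(bid, ver, ct))  # only ciphertext and tag leave the TEE
        self.versions[bid] = ver
    def read(self, bid):
        ver, ct, tag = self.host[bid]
        if not hmac.compare_digest(tag, self._tag(bid, ver, ct)):
            raise ValueError("integrity violation: block was tampered with")
        if ver != self.versions[bid]:  # valid but old record: integrity holds, freshness does not
            raise ValueError("freshness violation: stale block replayed")
        return bytes(a ^ b for a, b in zip(ct, self._keystream(bid, ver)))

def attempt_read(disk, bid):
    try:
        return disk.read(bid)
    except ValueError as e:
        return str(e)

def run_adversary_checks():
    """Write twice, then let the host-side adversary snoop, tamper and roll back."""
    host = {}  # the untrusted host block device
    disk = SecureDisk(host, KEY)
    disk.write(7, b"balance=100 USD ")
    stale = host[7]  # adversary keeps a copy of the first (now superseded) record
    disk.write(7, b"balance=000 USD ")
    out = {"plain": attempt_read(disk, 7), "hidden": b"balance" not in host[7][1]}
    ver, ct, tag = host[7]
    host[7] = (ver, bytes([ct[0] ^ 1]) + ct[1:], tag)  # flip one ciphertext bit
    out["tamper"] = attempt_read(disk, 7)
    host[7] = stale  # replay the earlier record: its MAC is valid, its version is not
    out["rollback"] = attempt_read(disk, 7)
    return out
```

The replayed record passes the MAC check, so a design that verifies integrity only (like the tamper check alone) would accept it; the TEE-resident version table is what turns that into a detected rollback.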

Implementation

MlsDisk is written in Rust. The core of MlsDisk's design resides in core/layers, showcasing its multilayered log-structured approach.

MlsDisk is also engineered to be portable across different OSes and TEEs, with platform-specific implementations found in core/os, notably the linux directory for Linux integration. As of this moment, MlsDisk has been integrated into two OSes.

We plan to release a research paper that describes the design and implementation of MlsDisk in the near future.

Performance

MlsDisk achieves superior performance compared to the state-of-the-art solutions, thanks to its advanced multilayered log-structured design, with minimal I/O amplification. The comparative results under the Fio benchmark against two other virtual disks are presented below.

Fio throughput on 100GiB data (MiB/s):

| Virtual disk | seq-write | rnd-write-4K | rnd-write-32K | rnd-write-256K | seq-read | rnd-read-4K | rnd-read-32K | rnd-read-256K |
|---|---|---|---|---|---|---|---|---|
| MlsDisk | 960 | 605 | 842 | 928 | 1128 | 140 | 446 | 992 |
| CryptDisk (encrypt-only baseline) | 982 | 45.5 | 271 | 860 | 1203 | 165 | 489 | 1057 |
| PfsDisk (based on SGX-Pfs) | 103 | 19.2 | 57.8 | 86.1 | 340 | 84.7 | 245 | 321 |

A more comprehensive performance evaluation will appear in our upcoming paper.

License

Except where noted otherwise, the individual files within this package are licensed under the MPL v2.0 license. However, when linked together to form a Linux kernel module, the resulting Linux kernel module is dual-licensed as MPLv2/GPLv2.