Please use this identifier to cite or link to this item:
http://hdl.handle.net/10397/112606
Title: Arm confidential compute architecture extensions and applications
Authors: Zhang, Yiming
Degree: Ph.D.
Issue Date: 2024
Abstract:
With the rapid adoption of the Arm architecture in cloud computing infrastructure and on personal devices, the software security of the Arm platform has become an emerging concern. Among the security-related technologies of the Arm architecture, the Trusted Execution Environment (TEE) plays a crucial role in ensuring data security. The earlier Arm TrustZone TEE creates a Secure world that is isolated from the regular software running in the Normal world. More recently, the Arm Confidential Compute Architecture (CCA), announced in March 2021, was introduced as part of the Armv9.2-A architecture and creates confidential virtual machines called Realms. However, the current mechanisms on Arm still have limitations that need to be addressed: (1) Arm CCA focuses on VM-level isolation and does not provide a lightweight TEE for applications; (2) while the Arm TrustZone system runs at a high privilege level, it faces security vulnerabilities and lacks a secure forensics mechanism; and (3) diagnosing software failures in production environments remains an open problem on the Arm architecture. We aim to address these three limitations of Arm CCA through extensions and applications.

To complement the confidential computing environment by protecting sensitive code and data within applications, we introduce a new method to extend Arm CCA into user space. Our proposed system, SHELTER, provides hardware-based isolation for applications with a minimal Trusted Computing Base (TCB). Third-party developers can run their applications in isolation as SHELTER Apps (SApps). We utilize the CCA hardware Realm Management Extension (RME) to host a Monitor that is inherently separated from other system software. Within the Monitor, we present a novel isolation mechanism that works in conjunction with RME to protect SApps securely and efficiently. Our system facilitates the deployment of SApps in the Normal world and enables isolation across different privilege levels.

To inspect a compromised TrustZone system, we introduce a new secure forensics framework named Scrutinizer. We utilize the highest-privilege domain of Arm CCA, known as the Root world, to construct a protected Scrutinizer Monitor. We propose a protective layer within the Monitor that separates the memory acquisition functionality from the Monitor itself, integrating it into an in-TrustZone agent. This design isolates the agent from the TrustZone system and minimizes codebase expansion in the Root world. Furthermore, by grafting most of the target's page tables into the agent, we optimize the memory acquisition process by reducing redundant translation and mapping operations, thereby lowering performance overhead. We leverage multiple standard Arm hardware features to provide secure forensic capabilities beyond pure memory acquisition, including memory access traps and instruction tracing, while making them impervious to hardware configuration tampering by a privileged adversary.

To diagnose software failures in production environments, we build a failure diagnosis framework named Investigator for the Arm architecture. This framework traces binary programs executing in multi-threaded environments by leveraging the off-the-shelf hardware feature Embedded Trace Macrocell (ETM). This approach requires no modifications to hardware components or binaries. Meanwhile, with a novel approach that preserves the complete ETM trace in cooperation with the Performance Monitoring Unit (PMU), our framework can reconstruct the entire control flow and recover the data flow from the collected records. We diagnose programs with concurrency and sequential bugs, facilitating root cause analysis of failures with minimal runtime overhead.
Subjects:
- Cloud computing -- Security measures
- Computer security
- Computer architecture
- Hong Kong Polytechnic University -- Dissertations
Pages: xiv, 143 pages : color illustrations
Appears in Collections: Thesis
Access: View full-text via https://theses.lib.polyu.edu.hk/handle/200/13517
