ABSTRACT
Malicious I/O devices might compromise the OS using DMAs. The OS therefore utilizes the IOMMU to map and unmap every target buffer right before and after its DMA is processed, thereby restricting DMAs to their designated locations. This usage model, however, is not truly secure for two reasons: (1) it provides protection at page granularity only, whereas DMA buffers can reside on the same page as other data; and (2) it delays DMA buffer unmaps due to performance considerations, creating a vulnerability window in which devices can access in-use memory. We propose that OSes utilize the IOMMU differently, in a manner that eliminates these two flaws. Our new usage model restricts device access to a set of shadow DMA buffers that are never unmapped, and it copies DMAed data to/from these buffers, thus providing sub-page protection while eliminating the aforementioned vulnerability window. Our key insight is that the cost of interacting with, and synchronizing access to, the slow IOMMU hardware (required for zero-copy protection against devices) makes copying preferable to zero-copying.
We implement our model in Linux and evaluate it with standard networking benchmarks utilizing a 40 Gb/s NIC. We demonstrate that despite being more secure than the safest preexisting usage model, our approach provides up to 5x higher throughput. Additionally, whereas it is inherently less scalable than an IOMMU-less (unprotected) system, our approach incurs only 0%–25% performance degradation in comparison.
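The two usage models contrasted in the abstract can be made concrete with a small simulation. The following C program is an added example, not code from the paper or from the Linux implementation it describes: it models host memory as a flat array, the IOMMU as a per-page "mapped" bit, and a device that may only touch mapped pages. All sizes (eight 4 KiB pages, a two-page shadow pool) and the function names are constructed for this illustration. The map/unmap model shows both flaws named above: mapping a buffer exposes every other byte on its pages (sub-page leak), and a deferred unmap leaves the buffer device-accessible until the flush. The shadow-buffer model keeps a fixed region mapped and copies data into a kernel buffer that is never mapped at all.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy system: 8 pages of "physical" memory behind a page-granular IOMMU. */
#define PAGE_SIZE   4096u
#define NPAGES      8u
#define MEM_SIZE    (PAGE_SIZE * NPAGES)

static uint8_t mem[MEM_SIZE];    /* host memory the device reaches through the IOMMU */
static bool    mapped[NPAGES];   /* IOMMU page table: page p is device-accessible iff mapped[p] */

static size_t page_of(size_t addr) { return addr / PAGE_SIZE; }

/* Device side: a DMA to addr is permitted only if the IOMMU maps its page. */
bool device_can_access(size_t addr) {
    return addr < MEM_SIZE && mapped[page_of(addr)];
}

/* A device write; returns false if the IOMMU blocks it. */
bool device_write(size_t addr, uint8_t value) {
    if (!device_can_access(addr)) return false;
    mem[addr] = value;
    return true;
}

/* Usage model 1: map exactly the DMA buffer [addr, addr+len).
 * The IOMMU works on whole pages, so every byte on the touched pages becomes
 * accessible. Returns how many exposed bytes are NOT part of the buffer. */
size_t iommu_map(size_t addr, size_t len) {
    if (len == 0 || addr + len > MEM_SIZE) return 0;
    size_t first = page_of(addr), last = page_of(addr + len - 1);
    for (size_t p = first; p <= last; p++) mapped[p] = true;
    return (last - first + 1) * PAGE_SIZE - len;
}

/* Deferred unmap: the OS queues the unmap and invalidates later, in a batch,
 * to amortize the cost of talking to the IOMMU. Until iommu_flush() runs the
 * device keeps its access, which is the vulnerability window. */
static size_t pending[NPAGES];
static size_t npending;

void iommu_unmap_deferred(size_t addr, size_t len) {
    if (len == 0 || addr + len > MEM_SIZE) return;
    for (size_t p = page_of(addr); p <= page_of(addr + len - 1); p++)
        if (npending < NPAGES) pending[npending++] = p;
}

void iommu_flush(void) {
    for (size_t i = 0; i < npending; i++) mapped[pending[i]] = false;
    npending = 0;
}

/* Usage model 2 (the abstract's proposal): a shadow pool is mapped once and
 * never unmapped. Pages 6..7 form the pool; kernel buffers live below it. */
#define SHADOW_BASE (PAGE_SIZE * 6u)
#define SHADOW_SIZE (PAGE_SIZE * 2u)

void shadow_init(void) {
    for (size_t p = page_of(SHADOW_BASE); p < NPAGES; p++) mapped[p] = true;
}

/* Receive path: the device wrote into the shadow pool; the OS copies len bytes
 * into kbuf, which is never mapped. Rejects lengths larger than the pool and
 * kernel buffers that would overlap it. */
bool shadow_rx_copy(size_t kbuf, size_t len) {
    if (len > SHADOW_SIZE || kbuf + len > SHADOW_BASE) return false;
    memcpy(&mem[kbuf], &mem[SHADOW_BASE], len);
    return true;
}

/* Transmit path: mirror image of the receive path. */
bool shadow_tx_copy(size_t kbuf, size_t len) {
    if (len > SHADOW_SIZE || kbuf + len > SHADOW_BASE) return false;
    memcpy(&mem[SHADOW_BASE], &mem[kbuf], len);
    return true;
}

int main(void) {
    shadow_init();
    printf("mapping 200 bytes exposes %zu unrelated bytes\n", iommu_map(100, 200));
    iommu_unmap_deferred(100, 200);
    printf("device access after deferred unmap, before flush: %d\n", device_can_access(100));
    iommu_flush();
    printf("device access after flush: %d\n", device_can_access(100));
    printf("device access to an unmapped kernel buffer in the shadow model: %d\n",
           device_can_access(PAGE_SIZE * 3));
    return 0;
}
```

The counts returned by `iommu_map` make the sub-page point quantitative: a 200-byte buffer mapped in place exposes the other 3896 bytes of its page, and a 20-byte buffer straddling a page boundary exposes 8172. In the shadow model the device can only ever write into the pool, and the copy is what moves the data into memory the device has no mapping for.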
True IOMMU Protection from DMA Attacks: When Copy is Faster than Zero Copy (ASPLOS '16)