Litcius/Paper detail

Veil: A Protected Services Framework for Confidential Virtual Machines

Adil Ahmad, Botong Ou, Congyu Liu, Xiaokuan Zhang, Pedro Fonseca

202310 citationsDOIOpen Access PDF

Abstract

Confidential virtual machines (CVMs) enabled by AMD SEV provide a protected environment for sensitive computations on an untrusted cloud. Unfortunately, CVMs are typically deployed with huge and vulnerable operating system kernels, exposing the CVMs to attacks that exploit kernel vulnerabilities. Veil is a versatile CVM framework that efficiently protects critical system services like shielding sensitive programs, which cannot be entrusted to the buggy kernel. Veil leverages a new hardware primitive, virtual machine privilege levels (VMPL), to install a privileged security monitor inside the CVM. We overcome several challenges in designing Veil, including (a) creating unlimited secure domains with a limited number of VMPLs, (b) establishing resource-efficient domain switches, and (c) maintaining commodity kernel backwards-compatibility with only minor changes. Our evaluation shows that Veil incurs no discernible performance slowdown during normal CVM execution while incurring a modest overhead (2 -- 64%) when running its protected services across real-world use cases.

Topics & Concepts

Computer scienceExploitConfidentialityComputer securityCloud computingVirtual machineRootkitKernel (algebra)Overhead (engineering)Operating systemMalwareCombinatoricsMathematicsSecurity and Verification in ComputingAdvanced Malware Detection TechniquesDiamond and Carbon-based Materials Research