scone: secure linux containers with intel...
TRANSCRIPT
SCONE:SecureLinuxContainerswithIntelSGXSergeiArnautov1,BohdanTrach1,FranzGregor1,ThomasKnauth1,AndreMarGn1,ChrisGanPriebe2,JoshuaLind2,DivyaMuthukumaran2,DanO’Keeffe2,MarkLSGllwell2,DavidGoltzsche3,DavidEyers4,R¨udigerKapitza3,PeterPietzuch2,andChristofFetzer11Fakult¨atInformaGk,TUDresden,[email protected],ImperialCollegeLondon,[email protected],TUBraunschweig,[email protected],UniversityofOtago,[email protected]
SaeidMofrad
1-INTRODUCTION:LinuxContainers:ContainersuseOS-levelvirtualizaGonandtheyarepopularforpackaging,deployingandmanagingservicessuchaskey/valuestoresandwebservers.UnlikeVMs,theydonotrequirehypervisorsoradedicatedOSkernel.Instead,theyusekernelfeaturestoisolateprocesses,andthusdonotneedtotrapsystemcallsoremulatehardwaredevices.• Containerprocesscanrunasnormalsystemprocess.Theyarelightweight(theyusethehostOSforI/OoperaGons,resourcemanagement,etc.)fasterI/OthroughputandlatencythanVMsIsolaGonisweaksinceitisusingso`warekernelmechanisms,makeiteasierforaaackerstocompromisetheconfidenGalityandintegrityofapplicaGondatawithincontainers.• DockerandLXCareusingforthepackagingofthecontainers.• DockerSwarmorKubernetesareusingfortheirdeployment.
WhatisSCONE?SCONEisaSecureContainerEnvironmentforDockerthatusesSGXtorunLinuxapplicaGonsinsecurecontainers.GoalofSCONE:1. RununmodifiedLinuxapplicaGons2. Incontainers3. Inanuntrustedcloud4. SecurelywithacceptableperformanceSCONEProper7es:1. SecurecontainershaveasmallTCB.2. Securecontainershavealowoverhead.3. SecurecontainersaretransparenttoDocker.
Designtrade-offs:whatsystemsupportshouldbeplacedinsideanenclavetoenablethesecureexecuGonofLinuxprocessesinacontainer?Challenges:SecuritydecisionaboutthesizeoftheTCBandtheexposedinterfacetotheoutsideworldandperformanceimpactbecauseoftheSGXlimitaGon).TCBSIZE:BiggerTCBLargerAaacksurfaceExternalcontainerinterface:Toexecuteunmodifiedprocessesinsidesecurecontainers,thecontainermustsupportaCstandardlibrary(libc)interface.SinceanylibcimplementaGonmustusesystemcalls,whichcannotbeexecutedinsideofanenclave,asecurecontainermustalsoexposeanexternalinterfacetothehostOS.AsthehostOSisuntrusted,theexternalinterfacebecomesanaaackvector.
TojusGfythedesignofSCONE,Theyexploredalternatedesignchoices.
Figure1ashowsapriordesignpoint,asdemonstratedbyHaven,whichminimizestheexternalinterfacebyplacinganenGreWindowslibraryOSinsidetheenclave.Abenefitofthisapproachisthatitexposesonlyasmallexternalinterfacewith22callsbecausealargeporGonofaprocess’systemsupportcanbeprovidedbythelibraryOS.ThelibraryOS,however,increasestheTCBsizeinsideoftheenclave.
TojusGfythedesignofSCONE,Theyexplorealternatedesignchoices.(cont.) Figure1bshowstheopposite,extremedesign
point:theexternalinterfaceisusedtoperformalllibclibrarycallsmadebytheapplicaGon.ThisraisesthechallengeofprotecGngtheconfidenGalityandintegrityofapplicaGondatawhilstexposingawideinterface.Forexample,I/Ocallssuchasreadandwritecouldbeusedtocompromisedatawithintheenclave,andcodeinsidethesecurecontainercannottrustreturneddata.AbenefitofthisapproachisthatithasminimalTCBinsidetheenclave—onlyasmallshimClibraryneedstorelaylibccallstothehostlibclibraryoutsideoftheenclave.
TojusGfythedesignofSCONE,Theyexploredalternatedesignchoices.(Cont.)
Figure1cshowsamiddlegroundbydefiningtheexternalinterfaceatthelevelofsystemcallsexecutedbythelibcimplementaGon.• shieldlibrariescanbeusedtoprotectasecurity-sensiGvesetofsystemcalls:filedescriptorbasedI/Ocalls,suchasread,write,send,andrecv,areshieldedbytransparentlyencrypGnganddecrypGngtheuserdata.
Table1ShowstheperformanceandresourcemetricsforeachserviceusingtheLinuxlibraryOScomparedtoanaGveglibcdeployment.Onaverage,thelibraryOSincreasestheTCBsizeby5x,theservicelatencyby4xandhalvestheservicethroughput.
Observation: System call overhead and Memory Access Overhead. A micro-benchmarkonanIntelXeonCPUE3-1230v5at3.4GHzmeasuringthemaximumrateatwhichpwritesystemcallscanbeexecutedwithandwithoutanenclave.
Endofpresenta7on
3.2Externalinterfaceshielding:SCONEsupportsasetofshields.Shieldsfocuson:(1)PrevenGnglow-levelaaacks,suchastheOSkernelcontrollingpointersandbuffersizespassedtotheservice(2)ensuringtheconfidenGalityandintegrityoftheapplicaGondatapassedthroughtheOS.SCONEsupportsshieldsfor:(1) thetransparentencrypGonoffiles(2)thetransparentencrypGonofcommunicaGonchannelsviaTLS(3)thetransparentencrypGonofconsolestreams.AshieldalsohasconfiguraGonparameters,whichareencryptedandcanbeaccessedonlya`ertheenclavehasbeeniniGalized.
Filesystemshield:ThefilesystemshieldprotectstheconfidenGalityandintegrityoffiles.Containerimagecreatormustdefinethreedisjointsetsoffilepathprefixes:(1) Unprotectedfiles,(2) encryptedandauthenGcatedfiles,(3) authenGcatedfiles.-ProcessesinasecurecontainerhaveaccesstothestandardDockertmpfs,butitiscostlyaslightweightalternaGveSCONEsupportsasecureephemeralfilesystemthroughitsfilesystemshield.theephemeralfilesystemmaintainsthestateofmodifiedfilesinnon-enclavememoryanditisfasterthantmpfs.Theephemeralfilesystemisresilientagainstrollbackaaack:a`errestarGngthecontainerprocess,thefilesystemreturnstoapreconfiguredstartupstatethatisvalidatedbythefilesystemshield,andthereforeitisnotpossibleforanaaackertorollbackthefilesystemtoanintermediatestate.ThisisalsotrueduringrunGme,sincethemetadataforfiles’blocksresideswithintheenclave.
Networkshield:SCONEpermitsclientstoestablishsecuretunnelstoitandwrapsallsocketoperaGonsandredirectsthemtoanetworkshield.Thenetworkshield,uponestablishinganewconnecGon,performsaTLShandshakeandencrypts/decryptsanydatatransmiaedthroughthesocket.TheprivatekeyandcerGficatearereadfromthecontainer’sfilesystem.Thus,theyareprotectedbythefilesystemshield.Consoleshield:Containerpermitauthorizedprocessestoaaachtothestdin,stdout,andstderr.SCONEsupportstransparentencrypGonforthem.ThesymmetricencrypGonkeyisexchangedbetweenthesecurecontainerandtheSCONEclientduringthestartupprocedure.Aconsoleshieldencryptsastreambysplijngitintovariable-sizedblocks.AstreamisprotectedagainstreplayandreorderingaaacksbyassigningeachblockauniqueidenGfier,whichischeckedbytheauthorizedSCONEclient.
3.3Threadingmodel:SCONEsupportsanM:NthreadingmodelinwhichMapplicaGonthreadsinsidetheenclavearemappedtoNOSthreads.->fewerenclavetransiGons.
-MulGpleOSthreadsinSCONEcanenteranenclave.Eachthreadexecutesthescheduler.Schedulerchecksif:(1)anapplicaGonthreadneedstobewokenduetoanexpiredGmeoutorthearrivalofasystemcallresponse;or(2)anapplicaGonthreadiswaiGngtobescheduled.Inbothcases,theschedulerexecutestheassociatedthread.-ThenumberofOSthreadsinsidetheenclaveistypicallyboundbythenumberofCPUcores.-Thesystemcallthreadsresideinthekernelindefinitelytoeliminatetheoverheadofkernelmodeswitches.-Whentherearenopendingsystemcalls,thethreadsback-offtoreduceCPUload.
3.4 Asynchronous system calls: Thisinterfaceconsistsoftwolock-free,mulG-producer,mulG-consumerqueues:arequestqueueandaresponsequeue.
1. When system call happens copies memory-based
arguments outside of the enclave 2. addsadescripGonofthesystemcalltoasyscallslotdatastructurecontainingthesystemcallnumberandarguments.Thesyscallslotandtheargumentsusethread-localstorage.3. NexttheapplicaGonthreadyieldstothescheduler,which
willexecuteotherapplicaGonthreadsunGlthereplytothesystemcallisreceivedintheresponsequeue.
4. Thesystemcallisissuedbyplacingareferencetothesyscallslotintotherequestqueue.
5.Whentheresultisavailableintheresponsequeue,buffersarecopiedtotheinsideoftheenclave,andallpointersareupdatedtopointtoenclavememorybuffers.6.TheassociatedapplicaGonthreadisscheduledagain.
3.5Dockerintegra7on:TheintegraGonofsecurecontainerswithDockerrequireschangestothebuildprocessofsecureimage,andchangetoclient-sideextensions.SCONEdoesnotrequiremodificaGonstotheDockerEngineoritsAPI.
Containerstartup:EachsecurecontainerrequiresastartupconfiguraGonfile(SCF).TheSCFcontainskeystoencryptstandardI/Ostreams,ahashoftheFSprotecGonfileanditsencrypGonkey.SinceSGXdoesnotprotecttheconfidenGalityofenclavecode,pujngthestartupconfiguraGonintheenclaveitselfisnotanopGon.Instead,a`ertheexecutablehasiniGalizedtheenclave,theSCFisreceivedthroughaTLSprotectednetworkconnecGon,duringenclavestartup.
Evalua7on:TheyUsedTwowebservers,Apache,andNGINX,Memcached;Redis;andSQLite.TheapplicaGonsincludeamixofcompute(e.g.,SQLite)andI/Ointensive(e.g.,ApacheandMemcached)workloads.Threevariantsforeachapplica7on:1-onebuiltwiththeGNUClibrary(glibc);2-onebuiltwiththemuslClibraryadaptedtoruninsideSGXenclaveswithsynchronoussystemcalls(SCONE-sync);3-onebuiltwiththesamemuslClibrarybutwithasynchronoussystemcalls(SCONE-async).ForapplicaGonsthatdonotsupportencrypGon(e.g.,MemcachedandRedis),theyuseStunneltoencrypttheircommunicaGonintheglibcvariant.
FIGURE 14 SHOWS HOW MANY PWRITE() CALLS CAN BE EXECUTED BY SCONE-ASYNC, SCONE-SYNC AND NATIVELY.
CONCLUSION
• SCONEincreasestheconfidenGalityandintegrityofcontainerizedservicesusingIntelSGX.
• TCBisbetween0.6–2theapplicaGoncodesizeandarecompaGblewithDocker.
• asynchronoussystemcallsandakernelmodulemakeSGXoverheadless.
• Forallevaluatedservices,theyachievedatleast60%ofthenaGvethroughput;
REFERENCE:
• haps://www.ibr.cs.tu-bs.de/users/goltzsch/papers/osdi2016scone-preprint.pdf
• haps://www.usenix.org/sites/default/files/conference/protected-files/osdi16_slides_knauth.pdf