TZ-Container: protecting container from untrusted OS with ARM TrustZone

  • Research Paper
  • Published in: Science China Information Sciences

Abstract

Containers are widely deployed on cloud platforms because of their low resource footprint, fast start-up time, and high performance, especially compared with their counterpart, virtual machines. However, the Achilles' heel of container technology is its weak isolation. For an attacker, breaking out of a container into the host OS is considerably easier than attacking a hypervisor from a virtual machine, because the container's interface to the host has a notably larger attack surface and a larger trusted computing base (TCB). Researchers have proposed various solutions to protect applications from an untrusted OS; yet, few of them focus on protecting containers, especially those hosting multiple applications and shared by multiple users. In this paper, we first identify several new attacks that cannot be prevented by the existing solutions. Furthermore, we systematically analyze the security properties that must be maintained to defend against these attacks and to protect a full-fledged container from a malicious host OS. We then present TZ-Container, a TrustZone-based secure container mechanism that maintains all of these security properties. TZ-Container leverages TrustZone to construct multiple isolated execution environments (IEEs). Each IEE has a memory space isolated from the underlying OS and from all other processes. By interposing on every switch between user and kernel mode, IEEs enforce security checks on each system call according to its semantics. We have implemented TZ-Container on the HiKey development board; it supports running unmodified Docker images downloaded from existing repositories such as https://hub.docker.com/. The evaluation results demonstrate that TZ-Container has a performance overhead of approximately 5%.



Acknowledgements

This work was supported in part by National Key Research & Development Program (Grant No. 2016YFB-1000104), National Natural Science Foundation of China (Grant No. 61772335), and Program of Shanghai Academic Research Leader.

Corresponding author

Correspondence to Yubin Xia.


Cite this article

Hua, Z., Yu, Y., Gu, J. et al. TZ-Container: protecting container from untrusted OS with ARM TrustZone. Sci. China Inf. Sci. 64, 192101 (2021). https://doi.org/10.1007/s11432-019-2707-6
