Overview
A wide range of Arm endpoints leverage integrated GPUs to accelerate computation, such as image processing and numerical processing applications. However, in spite of these important use cases, Arm GPU security has yet to be scrutinized by the community. Unlike the GPU with discrete memory, the Arm endpoint GPUs share the memory with the untrusted operating system, exposing the GPU data and code to risk.
To address the security problems, we present StrongBox, the first GPU TEE for secured general computation on Arm endpoints. StrongBox leverages the existing Arm hardware features to protect the GPU memory and GPU device, and perform necessary checks for the GPU device and memory content. Under a compromised operating system, StrongBox provides an isolated execution environment for sensitive GPU computation, ensuring data confidentiality and code integrity.
FAQ
(1) What is the threat model of StrongBox?
StrongBox assumes a kernel-level privileged attacker who seeks to leak or tamper with sensitive data and execution results of GPU applications. Specifically, the attacker can control the kernel as well as the entire GPU software stacks, including the GPU Driver, runtime, and other peripheral drivers. Moreover, we trust the secure world and consider cryptographic-based attacks, physical attacks, and side-channel/spy attacks to be beyond the scope of StrongBox.
(2) What is the scenario of StrongBox?
We envision scenarios in which users execute the deployed confidential GPU applications to establish cryptographic keys with StrongBox using a key-management protocol. To defend against data leakage during data transfer, users send the encrypted data to StrongBox. Then StrongBox protects and decrypts the data, allowing the GPU to process them securely. Lastly, users retrieve encrypted results from StrongBox.
(3) What is the difference between integrated GPU and discrete GPU?
Typically, the integrated GPU shares the memory with CPUs (hence, with the untrusted operating system). The attacker with kernel-level privileged can read/write the memory content directly or by DMA. However, the discrete GPU owns a dedicated memory on the chip, which can only be accessed by DMA request.
Prototype
We provide our prototype system on Github, which provides the code of Linux kernel code and Arm Trusted Firmware.
Publication
StrongBox: A GPU TEE on Arm Endpoints.
Yunjie Deng, Chenxu Wang, Shunchang Yu, Shiqing Liu, Zhenyu Ning, Kevin Leach, Jin Li, Shoumeng Yan, Zhengyu He, Jiannong Cao, Fengwei Zhang.
In Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS'22).
Bibtex for citation:
@inproceedings{deng2022strongbox,
title={StrongBox: A GPU TEE on Arm Endpoints},
author={Deng, Yunjie and Wang, Chenxu and Yu, Shunchang and Liu, Shiqing and Ning, Zhenyu and Leach, Kevin and Li, Jin and Yan, Shoumeng and He, Zhengyu and Cao, Jiannong and others},
booktitle={Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security},
pages={769--783},
year={2022}
}Building a Lightweight Trusted Execution Environment for Arm GPUs.
Wang, Chenxu and Deng, Yunjie and Ning, Zhenyu and Leach, Kevin and Li, Jin and Yan, Shoumeng and He, Zhengyu and Cao, Jiannong and Zhang, Fengwei.
To Appear In IEEE Transactions on Dependable and Secure Computing (TDSC'24), 2024. Impact Factor: 7.329.
Bibtex for citation:
@article{wang2023building,
=title={Building a Lightweight Trusted Execution Environment for Arm GPUs},
=author={Wang, Chenxu and Deng, Yunjie and Ning, Zhenyu and Leach, Kevin and Li, Jin and Yan, Shoumeng and He, Zhengyu and Cao, Jiannong and Zhang, Fengwei},
=journal={IEEE Transactions on Dependable and Secure Computing},
=year={2024},
=publisher={IEEE}
}