Title | StrongBox: A GPU TEE on Arm Endpoints |
Author | |
Corresponding Author | Fengwei Zhang |
Joint first author | Yunjie Deng; Chenxu Wang |
DOI | |
Publication Years | 2022-11-07
|
Conference Name | 2022 ACM SIGSAC Conference on Computer and Communications Security
|
Conference Date | November 7–11, 2022
|
Conference Place | Los Angeles, CA, USA
|
Abstract | A wide range of Arm endpoints leverage integrated and discrete GPUs to accelerate computation such as image processing and numerical processing applications. However, in spite of these important use cases, Arm GPU security has yet to be scrutinized by the community. By exploiting vulnerabilities in the kernel, attackers can directly access sensitive data used during GPU computing, such as personally-identifiable image data in computer vision tasks. Existing work has used Trusted Execution Environments (TEEs) to address GPU security concerns on Intel-based platforms, while there are numerous architectural differences that lead to novel technical challenges in deploying TEEs for Arm GPUs. In addition, extant Arm-based GPU defenses are intended for secure machine learning, and lack generality. There is a need for generalizable and efficient Arm-based GPU security mechanisms. To address these problems, we present StrongBox, the first GPU TEE for secured general computation on Arm endpoints. During confidential computation on Arm GPUs, StrongBox provides an isolated execution environment by ensuring exclusive access to the GPU. Our approach is based in part on a dynamic, fine-grained memory protection policy as Arm-based GPUs typically share a unified memory with the CPU, a stark contrast with Intel-based platforms. Furthermore, by characterizing GPU buffers as secure and non-secure, StrongBox reduces redundant security introspection operations to control access to sensitive data used by the GPU, ultimately reducing runtime overhead. Our design leverages the widely-deployed Arm TrustZone and generic Arm features, without hardware modification or architectural changes. We prototype StrongBox using an off-the-shelf Arm Mali GPU and perform an extensive evaluation. Our results show that StrongBox successfully ensures the GPU computing security with a low (4.70% - 15.26%) overhead across several indicative benchmarks. |
SUSTech Authorship | First
; 共同第一
; Corresponding
|
Language | English
|
URL | [Source Record] |
Data Source | 人工提交
|
PDF url | https://dl.acm.org/doi/pdf/10.1145/3548606.3560627 |
Citation statistics |
Cited Times [WOS]:0
|
Document Type | Conference paper |
Identifier | http://kc.sustech.edu.cn/handle/2SGJ60CL/416079 |
Department | Research Institute of Trustworthy Autonomous Systems 工学院_计算机科学与工程系 |
Affiliation | 1.Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology 2.Department of Computer Science and Engineering, Southern University of Science and Technology 3.Department of Computing, The Hong Kong Polytechnic University 4.Hunan University 5.Institute for Software Integrated Systems, Vanderbilt University, USA 6.School of Computer Science, Guangzhou University 7.Ant Group, China |
First Author Affilication | Research Institute of Trustworthy Autonomous Systems; Department of Computer Science and Engineering |
Corresponding Author Affilication | Research Institute of Trustworthy Autonomous Systems; Department of Computer Science and Engineering |
First Author's First Affilication | Research Institute of Trustworthy Autonomous Systems |
Recommended Citation GB/T 7714 |
Yunjie Deng,Chenxu Wang,Shunchang Yu,et al. StrongBox: A GPU TEE on Arm Endpoints[C],2022.
|
Files in This Item: | ||||||
File Name/Size | DocType | Version | Access | License | ||
2022strongboxdownloa(1679KB) | Open Access | -- | View |
|
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment