Virtual Machines Jailed

Virtualization in Systems with Small Trusted Computing Bases

Michael Peter, Henning Schild, Adam Lackorzynski, Alexander Warg
Technische Universität Dresden, Department of Computer Science, Operating Systems Group
{peter, hschild, adam, warg}@os.inf.tu-dresden.de

ABSTRACT

The trusted computing base of legacy applications can be reduced significantly by separating their security-critical parts into dedicated protection domains. As yet, paravirtualization has been used to host the non-secure portion. The applicability of this approach is limited by the need for source code access. We show how to implement efficient virtual machines in a microkernel-based system, enabling the reuse of arbitrary operating systems. We found that the performance is on par with other virtual machine implementations, while security-sensitive applications retain their small trusted computing base. In fact, the kernel growth is marginal (500 SLOC); other security-critical components are not affected.

Categories and Subject Descriptors
D.4.6 [Operating Systems]: Security Kernels; D.4.8 [Operating Systems]: Performance

General Terms
Design, Security, Performance

Keywords
Virtualization, Small Trusted Computing Base, Secure Systems, Microkernel

1. INTRODUCTION

Visiting the web page of his bank, a user must trust software on his machine that can easily comprise millions of source lines of code (SLOC). Contemporary web browsers, such as Firefox, which alone accounts for 2.5 million SLOC¹, are targeted recurrently [2]. Private data may be exposed, possibly resulting in personal distress or financial losses. Considering the size of trusted components, the situation is similar at the system level. A minimal configuration of the Linux kernel contains about 200,000 SLOC, and the majority of production configurations are significantly larger². With such a size, vulnerabilities are unavoidable [3]. Even worse, the attacker does not need to compromise the kernel, as it is sufficient to gain control over one of several processes running with superuser privileges. For example, current X11 implementations comprise 1.25 million lines of code. Buffer overflows, as observed in the past [4], have the potential to seize complete control over the machine.

With about two defects per 1,000 SLOC [17] produced even by leading software-development organizations, error-free software is elusive in the foreseeable future and other mitigations should be considered. Proposed for more than three decades [22], subdividing software into trusted and untrusted components has eventually been recognized as the best practice [24, 12, 21, 20, 11].

Microkernels have a record of being a suitable foundation upon which highly decomposed systems can be built. As for any novel system, lack of applications is an issue. From the technical point of view, building a completely new operating system stack with desirable properties, followed by porting applications, is the most appealing solution. But it also comes with the highest costs. A more pragmatic approach is to port whole legacy systems, which obviates changes to applications. Nonetheless, the kernel has to be adapted to run on top of the microkernel instead of bare hardware. Although possible, porting is labor-intensive, or even impossible without source code access.

In this paper, we show how a microkernel can be extended to support CPU and memory virtualization, both of which are crucial for the implementation of virtual machines (VMs). We start with a small system where the security-critical core system, i.e. the kernel and base infrastructure, contains less than 150,000 SLOC. Adding support for virtualization resulted in a modest growth of 500 SLOC in kernel size, which was the only increase of the trusted computing base (TCB) for security-concerned applications.

We will proceed as follows: Section 2 will revisit the fundamentals, before the design is described in Section 3. Our evaluation in Section 4 shows that the performance is on par with established solutions, which is noteworthy because previous secure systems often had to pay a security tax. Related work will be discussed in Section 5 and will be followed by concluding remarks.

¹ Firefox 3.0 measured with David A. Wheeler's SLOCCount.
² Linux 2.6.29 comprises about 7 million SLOC.

This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in VTDS 2009, March 31, 2009, Nuremberg, Germany. Copyright 2009 ACM 978-1-60558-473-7 ...$5.00.

2. BACKGROUND

2.1 Microkernel-based Systems

Microkernels grew out of the insight that error-prone device drivers should not reside in a location where isolation cannot be enforced; and neither should resource allocation policies, which have the potential of yielding much better performance if user-level knowledge is incorporated.

Following the L4 [16] philosophy, L4/Fiasco aims at minimality in the kernel. Functionality is only admitted into the kernel if either it cannot be implemented at user level without compromising on security, or a user-level implementation would have a severely adverse impact on performance. Page-table-related operations (address space construction) are an example of the former; scheduling is one of the latter.

As communication overhead had proven to be crucial for the viability of a microkernel, early work on L4 was primarily focused on inter-process communication (IPC) performance, which was a prerequisite for fine-grained isolation. When this problem was solved, the attention turned towards security, where the global name space was swiftly identified as problematic. Various development lines arose, all with the goal of adopting a capability-based access control mechanism, which had been advocated as the method of choice [19]. Our efforts have resulted in L4/Fiasco, a microkernel which employs capability mediation for all kernel objects.

In the remainder of this section, we will briefly introduce L4 mechanisms as far as they are needed for comprehension. An L4 task embodies a protection domain and serves as a container for resources such as memory. L4 threads, the unit of scheduling, execute in tasks and communicate via synchronous IPC. Apart from simple message exchange, IPC is also used for capability transfer and fault reflection. In L4-speak, granting capabilities via IPC is called mapping; the revocation is called unmapping. A pager is a program that fulfils the role of handling faults by mapping capabilities.

The size of an appropriately configured development version of L4/Fiasco is approximately 26,000 SLOC, which is two orders of magnitude smaller than current commodity monolithic kernels.

A microkernel is of little use on its own. It is rather the microkernel-based system that provides utility to the end user. The execution environment needs to supply basic functionality, such as memory management, CPU and device resources, infrastructure and service discovery, or common application libraries. Based on the kernel mechanisms, we developed a runtime environment that provides this set of abstractions. Its overall structure is hierarchical and allows the construction of isolated compartments with differing characteristics. Some flavor of virtualization is the most convenient way to provide access to legacy applications.

2.2 Splitting Applications

The conceptually most appealing approach, rebuilding an application with a small TCB, is impractical in most cases. This can be illustrated with the example of a contemporary web browser: even given that a browser runs on a secure operating system, it still has a TCB of hundreds of thousands, if not millions, of lines of code. Modern web pages apply sophisticated transformations to adapt their presentation. They often use scripting, which is indispensable for rich web applications, and employ plugins for more elaborate dynamic content.

If an application has to be available, then there is no other choice than to make sure that all contributing components³ are also available. Fortunately, security has less stringent requirements. For many use cases it is acceptable that an application fails as long as there are no harmful effects.

An example is an online banking transaction as described in [23], where a full-featured web browser is usually involved. The user authorizes a bank transfer with a Transaction Authentication Number (TAN), where it needs to be made sure that the TAN is not stolen and the data of the transaction is not modified by intruders. In a split application scenario the user uses his regular web browser, but the final transaction is displayed by a secure component and the TAN is entered only there. The secure side also handles the encryption of the transaction, which is finally sent to the bank via the legacy operating system. This scenario handles threats like keyloggers or viruses that exploit vulnerabilities somewhere in the sizable software stack.

3. DESIGN AND IMPLEMENTATION

The objective of our design is the support of virtual machines in an environment that at the same time allows for secure applications with a small TCB. Secure applications may use VM-hosted functionality through the split application design pattern (see Section 2.2).

3.1 Virtualization Aspects

The implementation of a virtual machine can be broken down into virtualization of the CPU and memory, and device virtualization.

CPU and memory virtualization are tightly coupled and critical to the performance of a VM. It is desirable to execute as many instructions as possible natively on the processor. Recent virtualization extensions in commodity processors allow for efficient CPU virtualization with low software complexity. Switching CPU execution modes is a highly intrusive operation that involves page tables defining the execution environment. Since only the kernel can guarantee the validity of page tables, this operation has to be integrated into the kernel's protection domain management. The guest in a VM employs its own virtual memory, defining it through page tables in (guest) physical memory which
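The split-application banking scenario of Section 2.2, as an added example written for this page and not code from the paper or the L4/Fiasco project: the secure component presents the final transaction, takes the TAN there and only there, and seals transaction and TAN with AES-GCM under a key shared with the bank. The key, the message format and the function names are assumptions constructed for the example. The legacy operating system merely forwards the opaque blob, so a keylogger or trojan on that side learns no TAN, and a transaction altered on the legacy path fails authentication at the bank instead of being executed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// Transaction is what the user asks the bank to execute. The untrusted
// browser prepares it; only the secure component shows the final version.
type Transaction struct {
	From, To string
	Amount   int // cents
}

func (t Transaction) encode() string {
	return fmt.Sprintf("from=%s;to=%s;amount=%d", t.From, t.To, t.Amount)
}

// demoKey stands in for a key provisioned to the secure component and the
// bank out of band (constructed value for this example, not a real key).
var demoKey = []byte("0123456789abcdef")

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Authorize is the secure component's job: present tx to the user, accept the
// TAN there and only there, and seal both into one opaque blob. Whatever runs
// on the legacy side afterwards sees nonce||ciphertext and nothing else.
func Authorize(tx Transaction, tan string) ([]byte, error) {
	aead, err := newAEAD(demoKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	plain := []byte(tx.encode() + ";tan=" + tan)
	return append(nonce, aead.Seal(nil, nonce, plain, nil)...), nil
}

// BankReceive is the bank's side: decrypt, verify the authentication tag and
// recover transaction and TAN. A blob altered anywhere on the legacy path
// fails authentication, so a modified amount or recipient is never executed.
func BankReceive(blob []byte) (Transaction, string, error) {
	aead, err := newAEAD(demoKey)
	if err != nil {
		return Transaction{}, "", err
	}
	ns := aead.NonceSize()
	if len(blob) < ns {
		return Transaction{}, "", errors.New("message too short")
	}
	plain, err := aead.Open(nil, blob[:ns], blob[ns:], nil)
	if err != nil {
		return Transaction{}, "", errors.New("rejected: altered or not from the secure component")
	}
	fields := map[string]string{}
	for _, kv := range strings.Split(string(plain), ";") {
		k, v, ok := strings.Cut(kv, "=")
		if !ok {
			return Transaction{}, "", errors.New("malformed payload")
		}
		fields[k] = v
	}
	amount, err := strconv.Atoi(fields["amount"])
	if err != nil {
		return Transaction{}, "", errors.New("malformed amount")
	}
	return Transaction{From: fields["from"], To: fields["to"], Amount: amount}, fields["tan"], nil
}

// LegacySeesTAN models a keylogger or trojan on the legacy side inspecting the
// blob it has to forward: it reports whether the TAN is visible in it.
func LegacySeesTAN(blob []byte, tan string) bool {
	return bytes.Contains(blob, []byte(tan))
}

// TamperAmount models the legacy side changing the transaction in transit by
// flipping one byte inside the ciphertext of the transaction text.
func TamperAmount(blob []byte) []byte {
	out := append([]byte(nil), blob...)
	out[20] ^= 0x01 // byte 8 of the ciphertext (nonce is 12 bytes)
	return out
}

func main() {
	tx := Transaction{From: "DE00-USER", To: "DE00-SHOP", Amount: 4999}
	blob, err := Authorize(tx, "815472")
	if err != nil {
		panic(err)
	}
	fmt.Println("legacy side sees TAN:", LegacySeesTAN(blob, "815472"))
	got, tan, err := BankReceive(blob)
	fmt.Println("bank accepted:", err == nil, got, tan)
	_, _, err = BankReceive(TamperAmount(blob))
	fmt.Println("tampered copy:", err)
}
```

The design choice worth noting is that the legacy side is not asked to be honest: it cannot read the TAN out of the blob and any modification it makes is caught by the tag check, which is exactly why the secure component can stay small while the browser and its operating system remain outside the TCB.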
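The two-stage translation that Section 3.1 leads up to, as an added illustration and not the paper's or L4/Fiasco's code: the guest keeps its own page table in guest-physical memory, but every access to that table and every frame it names passes a second-stage table that only the host kernel controls. Page size, entry layout, the VM's frame assignment and the function names are assumptions constructed for this example. A guest page-table entry that names a frame outside the VM's guest-physical range ends in a second-stage fault rather than in access to host memory, which is why the guest's page tables can stay untrusted while page-table validity remains a kernel concern.

```go
package main

import (
	"errors"
	"fmt"
)

// Toy geometry (assumed for the example): 256-byte pages, 8-byte table entries.
const (
	PageBits   = 8
	PageSize   = 1 << PageBits
	PageMask   = PageSize - 1
	EntrySize  = 8
	PresentBit = 1
)

var (
	ErrStage2Fault    = errors.New("stage-2 fault: guest-physical frame not assigned to this VM")
	ErrGuestPageFault = errors.New("guest page fault: entry not present")
)

// VM holds what the host kernel knows: all host-physical memory, the
// second-stage table (guest frame -> host frame) and where the guest said its
// page table lives (a guest-physical address the guest controls).
type VM struct {
	HostMem     []uint64          // host-physical memory, one uint64 per 8 bytes
	Stage2      map[uint64]uint64 // guest page frame number -> host page frame number
	GuestPTBase uint64            // guest-physical address of the guest page table
}

// stage2 maps a guest-physical address to host-physical under host control.
func (vm *VM) stage2(gpa uint64) (uint64, error) {
	hpfn, ok := vm.Stage2[gpa>>PageBits]
	if !ok {
		return 0, ErrStage2Fault
	}
	return hpfn<<PageBits | gpa&PageMask, nil
}

func (vm *VM) readHost(hpa uint64) (uint64, error) {
	i := hpa / EntrySize
	if i >= uint64(len(vm.HostMem)) {
		return 0, errors.New("host-physical address out of range")
	}
	return vm.HostMem[i], nil
}

// GuestWrite is the guest storing a word into its own memory. It can only
// reach frames the stage-2 table grants it.
func (vm *VM) GuestWrite(gpa, val uint64) error {
	hpa, err := vm.stage2(gpa)
	if err != nil {
		return err
	}
	vm.HostMem[hpa/EntrySize] = val
	return nil
}

// Translate walks a guest virtual address to host-physical: the guest PTE is
// fetched through stage 2 (it lives in guest-physical memory), and the frame
// the PTE names is again mapped through stage 2. The guest decides the first
// mapping; the host kernel always has the last word.
func (vm *VM) Translate(gva uint64) (uint64, error) {
	pteGPA := vm.GuestPTBase + (gva>>PageBits)*EntrySize
	pteHPA, err := vm.stage2(pteGPA)
	if err != nil {
		return 0, err
	}
	pte, err := vm.readHost(pteHPA)
	if err != nil {
		return 0, err
	}
	if pte&PresentBit == 0 {
		return 0, ErrGuestPageFault
	}
	gpa := pte&^PageMask | gva&PageMask
	return vm.stage2(gpa)
}

// NewDemoVM builds a constructed layout: 16 host frames, the VM owns host
// frames 2..5 as guest frames 0..3, and the guest places its page table in
// guest frame 0.
func NewDemoVM() *VM {
	vm := &VM{
		HostMem:     make([]uint64, 16*PageSize/EntrySize),
		Stage2:      map[uint64]uint64{0: 2, 1: 3, 2: 4, 3: 5},
		GuestPTBase: 0,
	}
	// Guest maps virtual page 1 to its own guest frame 2: legitimate.
	_ = vm.GuestWrite(1*EntrySize, 2<<PageBits|PresentBit)
	// Guest maps virtual page 2 to guest frame 9, which was never given to it.
	// Nothing stops the guest from writing this entry; stage 2 stops its use.
	_ = vm.GuestWrite(2*EntrySize, 9<<PageBits|PresentBit)
	return vm
}

func main() {
	vm := NewDemoVM()
	for _, gva := range []uint64{1<<PageBits | 0x10, 2 << PageBits, 3 << PageBits} {
		hpa, err := vm.Translate(gva)
		fmt.Printf("gva %#x -> hpa %#x, err: %v\n", gva, hpa, err)
	}
}
```

With the constructed layout, the legitimate mapping resolves to host frame 4, the entry naming guest frame 9 faults in stage 2 before any host memory is touched, and a non-present entry yields an ordinary guest page fault that the guest kernel handles itself.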
