Secure Page Fusion with VUsion - https://www.vusec.net/projects/VUsion
Authors: | Kaveh Razavi, Marco Oliverio, Cristiano Giuffrida, Herbert Bos |
---|---|
Year of publication: | 2017 |
Subject: | 010302 applied physics, 0301 basic medicine, Flat memory model, Page fault, Computer science, Computer security, computer.software_genre, 01 natural sciences, Extended memory, 03 medical and health sciences, Memory leak, 030104 developmental biology, Demand paging, 0103 physical sciences, Virtual memory, Page computer, Zero page |
Source: | Proceedings of the 26th Symposium on Operating Systems Principles - SOSP '17 |
DOI: | 10.1145/3132747.3132781 |
Description: | To reduce memory pressure, modern operating systems and hypervisors such as Linux/KVM deploy page-level memory fusion to merge physical memory pages with the same content (i.e., page fusion). A write to a fused memory page triggers a copy-on-write event that unmerges the page to preserve correct semantics. While page fusion is crucial in saving memory in production, recent work shows significant security weaknesses in its current implementations. Attackers can abuse timing side channels on the unmerge operation to leak sensitive data such as randomized pointers. Additionally, they can exploit the predictability of the merge operation to massage physical memory for reliable Rowhammer attacks. In this paper, we present VUsion, a secure page fusion system. VUsion can stop all the existing and even new classes of attack, where attackers leak information by side-channeling the merge operation or massage physical memory via predictable memory reuse patterns. To mitigate information disclosure attacks, we ensure attackers can no longer distinguish between fused and non-fused pages. To mitigate memory massaging attacks, we ensure fused pages are always allocated from a high-entropy pool. Despite its secure design, our comprehensive evaluation shows that VUsion retains most of the memory saving benefits of traditional memory fusion with negligible performance overhead while maintaining compatibility with other advanced memory management features. |
Database: | OpenAIRE |