Process isolation for cloud computing using commodity operating systems

1. Process isolation for cloud computing using commodity operating systems Wenbo Mao EMC Research China April 15, 2008

2. Outline • Isolation for guest applications in multi-tenancy service provisioning: • Utility, grid, and nowadays very trendy cloud computing • Two sorts of players: “lessor” (resourceful) and “lessee” (resource scarce) • Necessary isolation between applications, and widely known to be done by virtualization techniques: natural isolation between virtual machines (VMs) • Reasoning why inter VM isolation is no good • Inadequate • Impractical • This work: fine-granularity Intra-VM process isolation • Usecase: Green Cloud

3. Virtual Infrastructure Isolation: very meaningful for service provisioning(slide from Mendel Rosenblum, Co-founder of VMWare) Application Protection Engine • Isolation • Introspection • Interposition Service provisioning and reception entities are isolated VMs Operating System Protection Engine

4. The model of Inter-VM isolationTerra, vTPM, OpenTC, etc Virtual Machine Virtual Machine . . . . . . . Security Service VM Commodity OS Commodity OS Commodity OS Virtual Machine Monitor (Hypervisor) Hardware

5. Each process has kernel memory (higher part of the address space) The kernel address space is shared by all processes In the kernel mode (when CPU works for kernel), the kernel can see and access any part of the page table, including the user mapping This is for kernel to provide “room service”. So, your single occupancy as “one VM per application” can never be truly single In a commodity OS, user process is never really isolated Address location in physical memory Kernel mapping Page Table for kernel mapping User mapping . . . . Page Directory page Address location in physical memory page Page Table for user mapping . CR3 . . .

6. Impracticality for inter-VM isolation Inter-VM isolation is not only inadequate, it’s impractical too In multi-tenancy service provisioning, a service provider may need to host thousands of guests at a time; if guest isolation is achieved by one VM per guest application, then • Too many VMs are a wastage of system resources (e.g., IP addresses) • Too many VMs mean more hardware demand: against the original motivation of virtualization for improving resource utilization • Usually an application involves using commercial-off-the-shelf 3rd party software library which is shared by many applications; inter-VM isolation means each application will use a huge library alone, and hence make huge sized VMs

7. Fine granularity process isolation • Isolation done at the process level • Hiding the memory content of user processes from the OS and other processes • Preventing attack from the OS and system services • Even the system administrator can’t launch an attack • Secure integration of third-party software • Making OS security an irrelevant issue • Saving system resources: can run many applications inside one VM

8. Protecting guest processes on untrustworthy OS • Goal: Protect processes from software attacks using commodity OS • Commodity OS is untrustworthy but too complex to repair, so have to live with it • Approach: A behavior conformity layer in a Measured VMM

9. Quick Recall: Trusted Computing Group (TCG)Trusted Platform Module (TPM) TPM—a tamper protected hardware module; it is already in PCs and servers (in wide use today), in mobile gadgets & PDAs (soon) and in peripheral devices such as disks and keyboards (future in TCG’s plan) TPM Platform Attestation Non-Volatile Configuration identity Program Exec Storage Register Key Code Engine ( PCR ) ( AIK ) IO Random SHA - 1 Key RSA Number Opt - In Engine Generation Engine Generator

10. TPM can “eavesdrop” software loading through the I/O bus (Southbridge), and report the stored software environment to a remote querier This is called: Software measurement and Attestation Quick Recall: TCG Story—Software Measurement & Attestation

11. Save and erase user mapping info to a secure buffer when entering kernel mode Restore user mapping when returning to user mode Question: What if user-space address information is needed for “advanced room service” (thinking of auto save, swap)? entry entry entry entry Process Isolation inside memory –Memory arbitration using MVMM (MXEN) User mapping Physical Address Space Page Table Kernel mapping Page Directory About to enter user mode entry About to enter kernel mode Page Table In kernel mode entry NULL In user mode CR3

12. Kernel Space addr 2  seal   User Space of Process  data  addr 1   MXEN Linux Kernel Interrupt Handler Virtual Addr. TSC unseal Interposition Isolation seal Trapping kernel / user interactions Trusted Process   Interposition module intercepts a TSC from a trusted process.  Return from Linux kernel and invoke XEN.  Forward TSC to TSC layer. If with no data exchanges, go to next step directly. If TSC is write-related, data sealing is needed.  Isolation module restores the concealed CPU-context and page table.  Isolation module conceals the CPU-context and user-level page table mappings.  If TSC is read-related, data unsealing is needed before entering user mode.  Transfer the execution to the Linux kernel. Then the interrupt handler in Linux serves the TSC request.  Resume the execution of the trusted process in use mode.

13. Trusted Syscall Normal Syscall Int 0x81 Untrusted Process Int 0x80   iret Hypervisor _iret     MXEN Daoli Performance considerations MXEN only wants “tasty biscuit” • For a “tasty biscuit” • MXEN replaces the system call entry in Interrupt Descriptor Table (IDT) • Binary rewriting trusted process code to make a different interrupt line (0x81), so MXEN will trap • For “staple food” • As usual, kernel will directly trap sys-calls (0x80) from a normal process • These traps are indiscernible to MXEN Trusted Process Linux Kernel Interrupt Handler

14.  Measurement & Delegation  Rolling in ENCk1(code) SEAL(k1||PCRs) Delegated attestation Rolling out ENCk1(code) BIND(k1) MVMM Submitting the encrypted code file AIK’ Deploying ENCk1(code) BIND(k1) Trusted Process Alice’s code file BIND(k1) ENCk1(code) MVMM Migrating to Charlie TPM PCRs AIK SRK Charlie (Host) Whole system view • Key Management Protocols (4 parts): • Establishing software TCB • Deployment of guest applications • Rolling-out and -in of guest applications • Application migration TPM PCRs AIK SRK Bob (Host) Alice Persistent Storage Memory

15. Usecase: “Green Cloud” Green is hot in China too (“Green GDP”) Conventionally (historically) thinking, utility computing should only be done with reputable service providers (that’s why “multi-tenancy” with a large resource lessor), a long term contractual relation between lessor and lessee To increase utilization, a reputable host needs to prepare for “overflow buffers” for off-loading peak time service requests • An “overflow buffer” can be a host of not so reputable • It can be in a location of competitive pricing • Considering peak and trough times in a day and seasonal highs (e.g., Amazon in Christmas season), a host may be in the other side of the world • Ad-hoc relation between a reputable host and an “overflow buffer” So, behavior conformity from process isolation is necessary for a green cloud

16. Green Cloud Consortium • Fudan University • Process isolation & secure VM migration; VMM techniques (XEN) • Huazhong University of Science and Technology (HUST) • Grid & cloud computing; constructing VO by dynamic making & deploying VMs • Wuhan University • Trusted Computing: platform measurement & attestation • VM migration key management protocols • Tsinghua University • “Green Cloud” Usecase

17. Advertisement 3rd Asia-Pacific Trusted Infrastructure Technologies Conference On a cruiser on Yangtze River near Three Gorges Dam, China October 14-17, 2008 Proceedings to be published by IEEE Computer Society Press Sponsored by EMC and VMWare, and co-chaired by EMC Research China http://grid.hust.edu.cn/aptc08/