Ph.D Thesis


Ph.D Student: Markuze Alex
Subject: Characterizing, Exploiting, Detecting and Preventing DMA Attacks in the Presence of an IOMMU
Department: Department of Computer Science
Supervisors: Associate Prof. Dan Tsafrir and Associate Professor Adam Morrison
Full thesis text: English version


Abstract

Malicious I/O devices might compromise the OS using DMAs. The OS therefore utilizes the IOMMU to map and unmap every target buffer right before and after its DMA is processed, thereby restricting DMAs to their designated locations. This usage model, however, is neither truly secure nor can it support multi-gigabit I/O operations. The IOMMU provides protection at page granularity only, whereas DMA buffers can reside on the same page as other data, leading to sub-page vulnerabilities that make the system vulnerable to DMA attacks, in which I/O devices access and manipulate memory regions not intended for their use. We first categorize sub-page vulnerabilities into four categories, providing insight into the structure of DMA vulnerabilities. Then, to exploit these vulnerabilities, we identify a set of three vulnerability attributes that are sufficient to execute code injection attacks. We then build analysis tools that detect sub-page vulnerabilities and analyze the Linux kernel. We find that 72% of the device drivers expose sensitive callback pointers, which may be overwritten by a device to hijack kernel control flow. Aided by the tools' output, we demonstrate novel code injection attacks on the Linux kernel, which we term compound attacks. Specifically, while all previously reported attacks are single-step, i.e., with the vulnerability attributes present in a single page, in compound attacks the vulnerability attributes are initially incomplete; however, they can be attained by carefully exploiting standard OS behavior.

In order to provide performant and secure I/O, we propose that OSes utilize the IOMMU differently. Our new usage model restricts device access to a set of shadow DMA buffers that are never unmapped. The DMAed data is copied to/from these shadow buffers, thus providing sub-page protection. Our key insight is that the cost of interacting with, and synchronizing access to, the slow IOMMU hardware (required for zero-copy protection against devices) makes copying preferable to zero-copying. We implement our model in Linux and evaluate it with standard networking benchmarks utilizing a 40 Gb/s NIC. We demonstrate that despite being more secure than the safest preexisting usage model, our approach provides up to 5 times higher throughput. Additionally, whereas it is inherently less scalable than an IOMMU-less (unprotected) system, our approach incurs only 0% to 25% performance degradation in comparison.

Next, we observe that achieving protection at the DMA (un)map boundary is needlessly constraining, as devices must be prevented from changing the data only after the kernel reads it. So there is no real need to switch ownership of buffers between kernel and device at the DMA (un)mapping layer, as opposed to the approach taken by all existing IOMMU protection schemes. We thus eliminate the extra copy by (1) implementing a new allocator called DMA-Aware Malloc for Networking (DAMN), which (de)allocates packet buffers from a memory pool permanently mapped in the IOMMU; (2) modifying the network stack to use this allocator; and (3) copying packet data only when the kernel needs it, which usually morphs the aforementioned extra copy into the kernel's standard copy operation performed at the user-kernel boundary. DAMN thus provides full IOMMU protection with performance comparable to that of an unprotected system.
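The following toy model, added here as an illustration and not part of the thesis or its tools, makes the abstract's core argument concrete: a page-granular IOMMU admits a device access whenever the target page is mapped, so a DMA buffer that shares a page with a kernel callback pointer leaves that pointer writable for as long as the buffer is mapped. The model includes a small detection pass (flagging sensitive objects co-located with DMA buffers on one page) and contrasts the map/unmap usage model with the shadow-buffer model, in which only a permanently mapped pool is device-visible and the kernel copies data out of it. The memory layout, object names (`rx_buf`, `drv_callback`, `stats`) and the shadow pool address are constructed for the example and do not correspond to real kernel symbols.

```python
"""Toy page-granular IOMMU model (constructed example, not code from the thesis)."""

PAGE_SIZE = 4096


def page_of(addr):
    return addr // PAGE_SIZE


def pages_spanned(addr, length):
    """All page numbers touched by [addr, addr + length)."""
    return range(page_of(addr), page_of(addr + length - 1) + 1)


class Memory:
    """Flat physical memory: four constructed pages."""

    def __init__(self, pages=4):
        self.data = bytearray(pages * PAGE_SIZE)

    def write(self, addr, payload):
        self.data[addr:addr + len(payload)] = payload

    def read(self, addr, length):
        return bytes(self.data[addr:addr + length])


class Iommu:
    """A device access is permitted iff every page it touches is mapped."""

    def __init__(self):
        self.mapped_pages = set()

    def map(self, addr, length):
        self.mapped_pages.update(pages_spanned(addr, length))

    def unmap(self, addr, length):
        self.mapped_pages.difference_update(pages_spanned(addr, length))

    def device_write(self, mem, addr, payload):
        """Return True if the DMA write landed, False if the IOMMU blocked it."""
        if not all(p in self.mapped_pages for p in pages_spanned(addr, len(payload))):
            return False
        mem.write(addr, payload)
        return True


# Constructed kernel layout: name -> (address, size, is_sensitive).
# The RX DMA buffer and a driver callback pointer share page 1.
LAYOUT = {
    "rx_buf": (0x1000, 0x800, False),
    "drv_callback": (0x1F00, 8, True),
    "stats": (0x2000, 0x100, False),
}
DMA_BUFFERS = {"rx_buf"}
SHADOW_POOL = 0x3000  # constructed: page reserved for device-visible buffers


def exposed_sensitive_objects(layout, dma_buffers):
    """Detection pass: sensitive objects sharing a page with any DMA buffer."""
    dma_pages = set()
    for name in dma_buffers:
        addr, size, _ = layout[name]
        dma_pages.update(pages_spanned(addr, size))
    return sorted(
        name for name, (addr, size, sensitive) in layout.items()
        if sensitive and any(p in dma_pages for p in pages_spanned(addr, size))
    )


def map_unmap_model():
    """Standard usage: map rx_buf around its DMA. Returns whether a device write
    to the co-located callback pointer is admitted while the buffer is mapped."""
    mem, iommu = Memory(), Iommu()
    addr, size, _ = LAYOUT["rx_buf"]
    iommu.map(addr, size)
    admitted = iommu.device_write(mem, LAYOUT["drv_callback"][0], b"\xaa" * 8)
    iommu.unmap(addr, size)
    return admitted


def shadow_buffer_model(packet):
    """Shadow-buffer usage: the device only ever sees the shadow pool page and the
    kernel copies the packet into rx_buf. Returns (copied bytes, callback write admitted)."""
    mem, iommu = Memory(), Iommu()
    iommu.map(SHADOW_POOL, PAGE_SIZE)  # mapped once, never unmapped
    if not iommu.device_write(mem, SHADOW_POOL, packet):
        raise RuntimeError("shadow pool must be mapped")
    mem.write(LAYOUT["rx_buf"][0], mem.read(SHADOW_POOL, len(packet)))  # the extra copy
    admitted = iommu.device_write(mem, LAYOUT["drv_callback"][0], b"\xaa" * 8)
    return mem.read(LAYOUT["rx_buf"][0], len(packet)), admitted


if __name__ == "__main__":
    print("exposed by page sharing:", exposed_sensitive_objects(LAYOUT, DMA_BUFFERS))
    print("map/unmap model, callback overwrite admitted:", map_unmap_model())
    data, admitted = shadow_buffer_model(b"packet-payload")
    print("shadow model, copied:", data, "callback overwrite admitted:", admitted)
```

Running the script shows the two usage models side by side: the detection pass reports `drv_callback` as exposed, the map/unmap model admits the write to it while `rx_buf` is mapped, and the shadow model delivers the same payload while the write to the callback pointer is refused because its page is never device-visible.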