Bao-Enclave: Virtualization-based Enclaves for Arm
Samuel Pereira, João Sousa, Sandro Pinto, José Martins, and David Cerdeira

TL;DR
Bao-Enclave introduces a virtualization-based approach for Arm TEEs, enabling security functions to run in isolated VMs outside the TEE, improving security and performance on real hardware.
Contribution
It presents Bao-Enclave, a novel virtualization solution that reduces TEE complexity and enhances security by isolating security functions in lightweight VMs.
Findings
Performance of security workloads improved by up to 4.8x
Simplifies the TEE software Trusted Computing Base (TCB)
Effective on real hardware platforms
Abstract
General-purpose operating systems (GPOS), such as Linux, encompass several million lines of code. Statistically, a larger code base inevitably leads to a higher number of potential vulnerabilities and inherently a more vulnerable system. To minimize the impact of vulnerabilities in GPOS, it has become common to implement security-sensitive programs outside the domain of the GPOS, i.e., in a Trusted Execution Environment (TEE). Arm TrustZone is the de-facto technology for implementing TEEs in Arm devices. However, over the last decade, TEEs have been successfully attacked hundreds of times. Unfortunately, these attacks have been possible due to the presence of several architectural and implementation flaws in TrustZone-based TEEs. In this paper, we propose Bao-Enclave, a virtualization-based solution that enables OEMs to remove security functionality from the TEE and move them into…
Taxonomy
Topics: Security and Verification in Computing · Cloud Data Security Solutions · Cloud Computing and Resource Management
