Secure IVSHMEM: End-to-End Shared-Memory Protocol with Hypervisor-CA Handshake and In-Kernel Access Control
Hyunwoo Kim, Jaeseong Lee, Sunpyo Hong, Changmin Han

TL;DR
Secure IVSHMEM introduces a security protocol for shared memory in virtualized environments, enabling mutual authentication and access control with minimal performance impact, suitable for safety-critical systems.
Contribution
It presents a novel end-to-end security protocol for IVSHMEM combining handshake, access control, and application integration, addressing security gaps in existing implementations.
Findings
Handshake completed in under 200ms
Round-trip latency within 5% of baseline
Negligible bandwidth overhead
Abstract
In-host shared memory (IVSHMEM) enables high-throughput, zero-copy communication between virtual machines, but today's implementations lack any security control, allowing any application to eavesdrop or tamper with the IVSHMEM region. This paper presents Secure IVSHMEM, a protocol that provides end-to-end mutual authentication and fine-grained access enforcement with negligible performance cost. We combine three techniques to ensure security: (1) channel separation and kernel module access control, (2) hypervisor-mediated handshake for end-to-end service authentication, and (3) application-level integration for abstraction and performance mitigation. In microbenchmarks, Secure IVSHMEM completes its one-time handshake in under 200ms and sustains data-plane round-trip latencies within 5% of the unmodified baseline, with negligible bandwidth overhead. We believe this design is ideally…
