{"title":"A Novel Memory Management for RISC-V Enclaves","authors":"Hao Li, Weijie Huang, Mingde Ren, Hongyi Lu, Zhenyu Ning, Heming Cui, Fengwei Zhang","doi":"10.1145/3505253.3505257","DOIUrl":null,"url":null,"abstract":"Trusted Execution Environment (TEE) is a popular technology to protect sensitive data and programs. Recent TEEs have proposed the concept of enclaves to execute code processing sensitive data, which cannot be tampered with even by a malicious OS. However, due to hardware limitations and security requirements, existing TEE architectures usually offer limited memory management, such as dynamic memory allocation, defragmentation, etc. In this paper, we present Ashman—a novel software-based memory management extension of TEE on RISC-V, including dynamic memory allocation, migration, and defragmentation. We integrate Ashman into a self-designed TEE and evaluate the performance on a real-world development board. Experimental results have shown that Ashman provides memory management functions similar to native user applications while ensuring enclave security without modifying hardware.","PeriodicalId":342645,"journal":{"name":"Workshop on Hardware and Architectural Support for Security and Privacy","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Workshop on Hardware and Architectural Support for Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3505253.3505257","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Trusted Execution Environment (TEE) is a popular technology to protect sensitive data and programs. Recent TEEs have proposed the concept of enclaves to execute code processing sensitive data, which cannot be tampered with even by a malicious OS. However, due to hardware limitations and security requirements, existing TEE architectures usually offer limited memory management, such as dynamic memory allocation, defragmentation, etc. In this paper, we present Ashman—a novel software-based memory management extension of TEE on RISC-V, including dynamic memory allocation, migration, and defragmentation. We integrate Ashman into a self-designed TEE and evaluate the performance on a real-world development board. Experimental results have shown that Ashman provides memory management functions similar to native user applications while ensuring enclave security without modifying hardware.