Architectural Protection of Trusted System Services for SGX Enclaves in Cloud Computing

Data security and privacy are of great concern for users of cloud computing. In order to provide such guarantees in public clouds, hardware manufacturers have designed trusted execution environments such as Intel's Software Guard eXtensions (SGX). Intel SGX supports privacy-preserving, tamper-proof containments called enclaves. Regrettably, an SGX enclave has to rely on the untrusted operating system or hypervisor for underlying services, which contradicts the threat model of Intel SGX. Whereas much of the previous work concentrates on protecting trusted applications by means of modifying a hypervisor, we tackle the problem by reusing existing drivers and leveraging processor-enforced protection. We propose a novel approach, named SMK, to provide trusted system services for SGX enclaves. SMK leverages existing Intel architecture features, i.e., System Management Mode (SMM) and Uniform Extensible Firmware Interface (UEFI). Specifically, we retrofit UEFI firmware and design an isolated micro-kernel inside SMM to securely provision critical system services for enclaves. To highlight the effectiveness and extensibility of SMK, we implement two system services: trusted clock and trusted network. Furthermore, we harden two real-world security-sensitive applications, OpenSSL and OpenVPN, with SMK's system services. Our evaluation indicates that SMK can supply trusted system services for enclaves with modest runtime overheads.