Protected Execution Facility
Guerney Hunt
IBM Research
Security remains a key concern for both traditional and cloud computing workloads. One objective is keeping applications (or containers) secure in the presence of attacks or compromised components, including the underlying systems. This talk presents how these challenges are addressed on the Power Architecture.
We present the Protected Execution Facility ― an architecture modification for IBM Linux and OpenPower Linux servers ― along with the associated firmware, the Protected Execution Ultravisor which provides additional security to virtual machines ― called secure virtual machines (SVMs). The Protected Execution Facility concurrently supports both normal VMs and SVMs.
We review the main components of the architectural modifications and how they are exploited by the Protected Execution Ultravisor. We also describe the tooling required to build an SVM. Finally, we discuss the protections provided to SVMs and the current set of restrictions.
|
|
|
|
|
|
| ▭ | Slides |
Resources
- IBM Portal for OpenPOWER
- IBM CryptoCard HSM
- IBM Research SecureBlue CPU (2016)
- IBM LinuxOne Mainframe (2017)
References
- IBM, POWER9 Processor Programming Model Bulletin (2019)
- U.S. AFRL, Hardware Support for Malware Defense and End-to-End Trust (2017)
- Trust and Trustworthy Computing, CPU Support for Secure Executables (2011)
Presenter
- Protected Execution Facility (Linux Security Summit EU 2018)
- Protected Execution Facility (Linux Security Summit NA 2018)
Related
- Linux kernel, Protected Execution Facility
- RaptorCS, POWER9 wiki
- RaptorCS, Power ISA/Privilege States