Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
149 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Microarchitectural Security of AWS Firecracker VMM for Serverless Cloud Platforms (2311.15999v1)

Published 27 Nov 2023 in cs.CR

Abstract: Firecracker is a virtual machine manager (VMM) built by Amazon Web Services (AWS) for serverless cloud platforms, services that run code for end users on a per-task basis, automatically managing server infrastructure. Firecracker provides fast and lightweight VMs and promises a combination of the speed of containers, typically used to isolate small tasks, and the security of VMs, which tend to provide greater isolation at the cost of performance. This combination of security and efficiency, AWS claims, makes it not only possible but safe to run thousands of user tasks from different users on the same hardware, with the host system frequently switching between active tasks. Though AWS states that microarchitectural attacks are included in their threat model, this class of attacks directly relies on shared hardware, just as the scalability of serverless computing relies on sharing hardware between unprecedented numbers of users. In this work, we investigate how secure Firecracker is against microarchitectural attacks. First, we review Firecracker's stated isolation model and recommended best practices for deployment, identify potential threat models for serverless platforms, and analyze potential weak points. Then, we use microarchitectural attack proof-of-concepts to test the isolation provided by Firecracker and find that it offers little protection against Spectre or MDS attacks. We discover two particularly concerning cases: 1) a Medusa variant that threatens Firecracker VMs but not processes running outside them, and is not mitigated by defenses recommended by AWS, and 2) a Spectre-PHT variant that remains exploitable even if recommended countermeasures are in place and SMT is disabled in the system. In summary, we show that AWS overstates the security inherent to the Firecracker VMM and provides incomplete guidance for properly securing cloud systems that use Firecracker.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (55)
  1. Firecracker: Lightweight Virtualization for Serverless Applications. In NSDI. USENIX Association, 419–434.
  2. Alejandro Cabrera Aldaya and Billy Bob Brumley. 2022. HyperDegrade: From GHz to MHz Effective CPU Frequencies. In USENIX Security Symposium. USENIX Association, 2801–2818.
  3. Port Contention for Fun and Profit. In IEEE Symposium on Security and Privacy. IEEE, 870–887.
  4. Amazon Web Services. 2023a. AWS Fargate. https://docs.aws.amazon.com/eks/latest/userguide/fargate.html accessed: Aug 17, 2023.
  5. Amazon Web Services. 2023b. AWS Lambda Features. https://aws.amazon.com/lambda/features/ accessed: Aug 17, 2023.
  6. Amazon Web Services. 2023c. Firecracker Design. https://github.com/firecracker-microvm/firecracker/blob/9c51dc6852d68d0f6982a4017a63645fa75460c0/docs/design.md.
  7. Amazon Web Services. 2023d. The Firecracker Jailer. https://github.com/firecracker-microvm/firecracker/blob/main/docs/jailer.md. accessed: August 14, 2023.
  8. Amazon Web Services. 2023e. Production Host Setup Recommendations. https://github.com/firecracker-microvm/firecracker/blob/9ddeaf322a74c20cfb6b5af745112c95b7cecb75/docs/prod-host-setup.md. accessed: May 22, 2023.
  9. System Programming in Rust: Beyond Safety. In HotOS. ACM, 156–161.
  10. Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks. In USENIX Security Symposium. USENIX Association, 971–988.
  11. SMoTherSpectre: Exploiting Speculative Execution through Port Contention. In CCS. ACM, 785–800.
  12. LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection. In IEEE Symposium on Security and Privacy. IEEE, 54–72.
  13. A Systematic Evaluation of Transient Execution Attacks and Defenses. In USENIX Security Symposium. USENIX Association, 249–266.
  14. Fallout: Leaking Data on Meltdown-resistant CPUs. In CCS. ACM, 769–784.
  15. Transient Fail [Source Code]. https://github.com/IAIK/transientfail
  16. SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution. In EuroS&P. IEEE, 142–157.
  17. Red Hat Enterprise Linux 7 Resource Management Guide–Using cgroups to manage system resources on RHEL. Red Hat, Inc. https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/pdf/resource_management_guide/red_hat_enterprise_linux-7-resource_management_guide-en-us.pdf accessed: Aug 17, 2023.
  18. SpectreRewind: Leaking Secrets to Past Instructions. In ASHES@CCS. ACM, 117–126.
  19. KASLR is Dead: Long Live KASLR. In ESSoS (Lecture Notes in Computer Science, Vol. 10379). Springer, 161–176.
  20. Pawan Gupta. 2020. TAA - TSX Asynchronous Abort. The Linux Kernel Organization. https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html accessed: Aug 17, 2023.
  21. Tyler Hicks. 2019. MDS - Microarchitectural Data Sampling. The Linux Kernel Organization. https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html accessed: Aug 17, 2023.
  22. Jann Horn. 2018. Speculative execution, variant 4: speculative store bypass. https://bugs.chromium.org/p/project-zero/issues/detail?id=1528 accessed: Aug 17, 2023.
  23. Intel. 2018. Speculative Execution Side Channel Mitigations. https://www.intel.com/content/dam/develop/external/us/en/documents/336996-speculative-execution-side-channel-mitigations.pdf. rev. 3.0 accessed: Mar 22, 2023.
  24. Intel. 2019a. Intel Transactional Synchronization Extensions (Intel TSX) Asynchronous Abort. Technical Report. Intel Corp. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/intel-tsx-asynchronous-abort.html accessed: Aug 17, 2023.
  25. Intel. 2019b. Microarchitectural Data Sampling. Technical Report. Intel Corp. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/intel-analysis-microarchitectural-data-sampling.html ver. 3.0, accessed: Aug 17, 2023.
  26. Intel. 2020. Vector Register Sampling. Technical Report. Intel Corp. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/vector-register-sampling.html accessed: Aug 17, 2023.
  27. Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel. In NDSS. The Internet Society.
  28. Vladimir Kiriansky and Carl A. Waldspurger. 2018. Speculative Buffer Overflows: Attacks and Defenses. CoRR abs/1807.03757 (2018).
  29. kvm: the Linux Virtual Machine Monitor. In Linux Symposium, Vol. 1. kernel.org, 225–230.
  30. Spectre Attacks: Exploiting Speculative Execution. In IEEE Symposium on Security and Privacy. IEEE, 1–19.
  31. Spectre Returns! Speculation Attacks using the Return Stack Buffer. In WOOT @ USENIX Security Symposium. USENIX Association.
  32. Meltdown: Reading Kernel Memory from User Space. In USENIX Security Symposium. USENIX Association, 973–990.
  33. Giorgi Maisuradze and Christian Rossow. 2018. ret2spec: Speculative Execution Using Return Stack Buffers. In CCS. ACM, 2109–2122.
  34. Hyper-Threading Technology Architecture and Microarchitecture. Intel Technology Journal 6, 1 (2002), 4–15.
  35. Daniel Moghimi. 2020. Medusa Code Repository [Source Code]. https://github.com/flowyroll/medusa
  36. Daniel Moghimi. 2023. Downfall: Exploiting Speculative Data Gathering. In USENIX Security Symposium. USENIX Association, 7179–7193.
  37. Medusa: Microarchitectural Data Leakage via Automated Attack Synthesis. In USENIX Security Symposium. USENIX Association, 1427–1444.
  38. Swivel: Hardening WebAssembly against Spectre. In USENIX Security Symposium. USENIX Association, 1433–1450.
  39. Cache Attacks and Countermeasures: The Case of AES. In CT-RSA (Lecture Notes in Computer Science, Vol. 3860). Springer, 1–20.
  40. Prime+Scope: Overcoming the Observer Effect for High-Precision Cache Contention Attacks. In CCS. ACM, 2906–2920.
  41. Qumranet Inc. 2006. KVM: Kernel-based Virtualization Driver, White Paper. Technical Report. Qumranet Inc. https://docs.huihoo.com/kvm/kvm-white-paper.pdf accessed: Aug 17, 2023.
  42. Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks. In USENIX Security Symposium. USENIX Association, 1451–1468.
  43. Port Contention Goes Portable: Port Contention Side Channels in Web Browsers. In AsiaCCS. ACM, 1182–1194.
  44. CPU Port Contention Without SMT. In ESORICS (3) (Lecture Notes in Computer Science, Vol. 13556). Springer, 209–228.
  45. Donky: Domain Keys - Efficient In-Process Isolation for RISC-V and x86. In USENIX Security Symposium. USENIX Association, 1677–1694.
  46. ZombieLoad: Cross-Privilege-Boundary Data Sampling. In CCS. ACM, 753–768.
  47. Inception: Exposing New Attack Surfaces with Training in Transient Execution. In USENIX Security Symposium. USENIX Association, 7303–7320.
  48. Paul Turner. 2018. Retpoline: a software construct for preventing branch-target-injection. https://support.google.com/faqs/answer/7625886. accessed: Mar 22, 2023.
  49. ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK). In USENIX Security Symposium. USENIX Association, 1221–1238.
  50. RIDL: Rogue In-Flight Data Load. In IEEE Symposium on Security and Privacy. IEEE, 88–105.
  51. RIDL [Source Code]. https://github.com/vusec/ridl
  52. Johannes Wikner and Kaveh Razavi. 2022. RETBLEED: Arbitrary Speculative Code Execution with Return Instructions. In USENIX Security Symposium. USENIX Association, 3825–3842.
  53. Phantom: Exploiting Decoder-detectable Mispredictions. In MICRO (to appear). IEEE.
  54. Yuval Yarom and Katrina Falkner. 2014. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. In USENIX Security Symposium. USENIX Association, 719–732.
  55. The True Cost of Containing: A gVisor Case Study. In HotCloud. USENIX Association.

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets