MlsDisk is a multilayered log-structured secure virtual disk for TEEs, which has the following key features:
- Transparent protection. As a virtual disk, MlsDisk can transparently protect any file system (e.g., Ext4) that is stacked upon it and runs inside a Trusted Execution Environment (TEE) from a strong adversary outside the TEE.
- Strong security. MlsDisk promises six security properties: confidentiality, integrity, freshness, consistency, atomicity, and irreversibility. For more information, see the section Security Guarantees below.
- High performance. Thanks to its multilayered log-structured design, MlsDisk delivers I/O throughput close to that of an encryption-only baseline, while random small writes are far faster than under the file-system-level alternative (see the benchmark results below).
MlsDisk targets a typical setting of TEE usage, where applications are ported into the TEE with no (or few) modifications thanks to a TEE-aware runtime. For enclave TEEs (e.g., Intel SGX), one popular choice for such a runtime is library OSes (e.g., Occlum). For VM TEEs (e.g., AMD SEV), one can choose off-the-shelf OS kernels like Linux.
As shown in the image above, the TEE runtime is integrated with MlsDisk, which serves as a secure block device that supports three standard block I/O commands: read(), write(), and sync(). From the perspective of MlsDisk's users (e.g., file systems), all data written to or read from MlsDisk is in plaintext. To serve these I/O requests securely, MlsDisk takes extra security measures, including but not limited to encrypting data before it is transferred to the host block device and decrypting and verifying it when it is read back.
MlsDisk promises to provide six security guarantees to its users (e.g., file systems), outlined as follows:
- Confidentiality guarantees that the user data submitted by any write is not leaked and thus prevents snooping attacks.
- Integrity promises that the user data returned from any read was genuinely generated by the user and thus prevents tampering attacks.
- Freshness ensures that the user data returned from any read is up-to-date and thus prevents rollback attacks.
- Consistency ensures that all the security guarantees still hold despite accidental crashes or crashing attacks.
- Atomicity promises that all writes before a sync operation are persisted in an all-or-nothing manner.
- Irreversibility promises that a completed sync operation cannot be undone, regardless of whether the TEE is online or not.
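To make freshness, consistency, and atomicity concrete, here is an added example that is not MlsDisk's code: a toy model of a TEE-side secure disk sitting on an untrusted, host-held append-only log, exposing the same write/sync/read interface. Block contents are 4-byte literals constructed for the demo; encryption and per-entry authentication (needed for confidentiality and integrity) are deliberately left out, and the freshness root lives only in TEE memory. The types `HostLog`, `SecureDisk`, `LogEntry` and the two scenarios are assumptions of this example, not MlsDisk's design.

```rust
use std::collections::HashMap;

/// Toy block size so sample blocks can be written as 4-byte literals (constructed for the demo).
const BLOCK_SIZE: usize = 4;

/// One record in the append-only log kept on the untrusted host.
#[derive(Clone, Debug, PartialEq)]
enum LogEntry {
    /// A block write: block index, version assigned by the TEE, block contents.
    /// A real design stores this encrypted and authenticated; that is omitted here.
    Data { block: u64, version: u64, data: [u8; BLOCK_SIZE] },
    /// Commit record appended by sync(): every Data entry before it is durable as one unit.
    Commit,
}

/// Untrusted host storage. The adversary may rewrite or truncate it at any time.
#[derive(Default)]
struct HostLog {
    entries: Vec<LogEntry>,
}

impl HostLog {
    /// The prefix of the log up to and including the last Commit record.
    /// Entries after it belong to a sync that never completed and are ignored.
    fn committed(&self) -> &[LogEntry] {
        let end = self.entries.iter().rposition(|e| *e == LogEntry::Commit).map_or(0, |i| i + 1);
        &self.entries[..end]
    }
}

/// TEE-resident state: the freshness root (newest version of every block) and the writes
/// buffered since the last sync. A deployable design persists the root under a MAC and a
/// monotonic counter so it survives TEE restarts; in this demo it lives in TEE memory only.
#[derive(Default)]
struct SecureDisk {
    versions: HashMap<u64, u64>,
    pending: Vec<LogEntry>,
}

#[derive(Debug, PartialEq)]
enum ReadError {
    /// The host served an older version than the TEE knows to exist: a rollback.
    Stale { block: u64, expected: u64, found: u64 },
    /// The block was never written (or the host dropped it).
    Missing(u64),
}

impl SecureDisk {
    /// write() buffers the block and bumps its version; nothing reaches the host yet.
    fn write(&mut self, block: u64, data: [u8; BLOCK_SIZE]) {
        let version = self.versions.entry(block).or_insert(0);
        *version += 1;
        self.pending.push(LogEntry::Data { block, version: *version, data });
    }

    /// sync() flushes the buffered writes, then appends the Commit record that makes
    /// them visible all at once.
    fn sync(&mut self, host: &mut HostLog) {
        host.entries.append(&mut self.pending);
        host.entries.push(LogEntry::Commit);
    }

    /// read() serves unsynced writes from the TEE buffer; otherwise it takes the newest
    /// committed entry for the block and rejects it unless its version matches the root.
    fn read(&self, host: &HostLog, block: u64) -> Result<[u8; BLOCK_SIZE], ReadError> {
        let expected = *self.versions.get(&block).ok_or(ReadError::Missing(block))?;
        let newest = self.pending.iter().rev().chain(host.committed().iter().rev()).find_map(|e| match e {
            LogEntry::Data { block: b, version, data } if *b == block => Some((*version, *data)),
            _ => None,
        });
        match newest {
            Some((found, data)) if found == expected => Ok(data),
            Some((found, _)) => Err(ReadError::Stale { block, expected, found }),
            None => Err(ReadError::Missing(block)),
        }
    }

    /// Rebuild the TEE state after a crash by replaying only the committed prefix.
    fn recover(host: &HostLog) -> SecureDisk {
        let mut disk = SecureDisk::default();
        for entry in host.committed() {
            if let LogEntry::Data { block, version, .. } = entry {
                disk.versions.insert(*block, *version);
            }
        }
        disk
    }
}

/// Scenario 1 (freshness): the host swaps the log back to an earlier snapshot while the
/// TEE is still online and remembers that block 7 is at version 2.
fn rollback_is_detected() -> Result<[u8; BLOCK_SIZE], ReadError> {
    let (mut host, mut disk) = (HostLog::default(), SecureDisk::default());
    disk.write(7, *b"v1__");
    disk.sync(&mut host);
    let snapshot = host.entries.clone(); // adversary keeps a copy of the old log
    disk.write(7, *b"v2__");
    disk.sync(&mut host);
    host.entries = snapshot; // rollback attack
    disk.read(&host, 7)
}

/// Scenario 2 (atomicity, consistency): power is lost after both Data entries of a sync
/// reached the host but before its Commit record did; recovery sees neither new block.
fn torn_sync_is_discarded() -> (Result<[u8; BLOCK_SIZE], ReadError>, Result<[u8; BLOCK_SIZE], ReadError>) {
    let (mut host, mut disk) = (HostLog::default(), SecureDisk::default());
    disk.write(1, *b"old1");
    disk.write(2, *b"old2");
    disk.sync(&mut host);
    disk.write(1, *b"new1");
    disk.write(2, *b"new2");
    disk.sync(&mut host);
    host.entries.pop(); // the Commit record never hit the disk
    let recovered = SecureDisk::recover(&host);
    (recovered.read(&host, 1), recovered.read(&host, 2))
}

fn main() {
    println!("rollback: {:?}", rollback_is_detected());
    println!("torn sync: {:?}", torn_sync_is_discarded());
}
```

Running it reports the rollback as `Stale { block: 7, expected: 2, found: 1 }` and returns `old1`/`old2` after the torn sync. Note what the toy does not cover: because the freshness root is held only in TEE memory, a rollback performed while the TEE is offline would go unnoticed after `recover()`, which is precisely why irreversibility is listed above as a separate guarantee and why the root must be anchored in trusted persistent state in a real design.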
Prior disk I/O protection solutions only provide a subset of MlsDisk's security guarantees. For example, Linux's dm-crypt and dm-integrity only protect confidentiality and integrity, respectively. Although Linux's dm-verity ensures both integrity and freshness, it is read-only. As another example, Intel SGX Protected File System Library protects confidentiality, integrity, freshness, and consistency, but falls short of atomicity and irreversibility.
MlsDisk is written in Rust.
The core of MlsDisk's design resides in `core/layers`, which implements its multilayered log-structured approach. MlsDisk is also engineered to be portable across different OSes and TEEs, with platform-specific implementations found in `core/os` and, notably, `linux` for Linux integration.
At present, MlsDisk has been integrated into two OSes.
- Linux, via Rust-for-Linux, for use in VM TEEs like AMD SEV and Intel TDX.
- Occlum, a Rust library OS, for use in Intel SGX enclaves.
We plan to release a research paper that describes the design and implementation of MlsDisk in the near future.
The table below compares MlsDisk under the Fio benchmark, on 100 GiB of data, against two other virtual disks: CryptDisk, an encryption-only baseline, and PfsDisk, which is based on SGX-PFS. Thanks to its multilayered log-structured design, MlsDisk keeps I/O amplification low: its sequential and read throughput stays within roughly 15% of the encryption-only baseline, and its random 4K write throughput is over an order of magnitude higher than either alternative.

100GiB data (MiB/s) | seq-write | rnd-write-4K | rnd-write-32K | rnd-write-256K | seq-read | rnd-read-4K | rnd-read-32K | rnd-read-256K |
---|---|---|---|---|---|---|---|---|
MlsDisk | 960 | 605 | 842 | 928 | 1128 | 140 | 446 | 992 |
CryptDisk (encrypt-only baseline) | 982 | 45.5 | 271 | 860 | 1203 | 165 | 489 | 1057 |
PfsDisk (based on SGX-PFS) | 103 | 19.2 | 57.8 | 86.1 | 340 | 84.7 | 245 | 321 |
For more comprehensive performance evaluation, please look forward to our upcoming paper.
Except where noted otherwise, the individual files within this package are licensed under the MPL v2.0 license. However, when linked together to form a Linux kernel module, the resulting Linux kernel module is dual licensed as MPLv2/GPLv2.