CN-122003665-A - Security framework for virtual machines
Abstract
A security framework for a virtual machine is described. In one or more implementations, a hardware platform includes physical computer hardware including one or more processing units and one or more memories. The system also includes a virtual machine monitor configured to virtualize the physical computer hardware of the hardware platform to instantiate a plurality of frame secure virtual machines. In addition, the system includes a root frame secure virtual machine instantiated by the virtual machine monitor. According to the described techniques, the root frame secure virtual machine is configured to control access to the hardware platform by the frame secure virtual machines instantiated by the virtual machine monitor.
Inventors
- RESHMA LAL
- David A. Kaplan
- Yelena Ilik
Assignees
- Advanced Micro Devices, Inc. (超威半导体公司)
Dates
- Publication Date
- 20260508
- Application Date
- 20241024
- Priority Date
- 20231024
Claims (15)
- 1. A system, the system comprising: a hardware platform comprising physical computer hardware comprising one or more processing units and one or more memories; a virtual machine monitor configured to virtualize the physical computer hardware of the hardware platform to instantiate a plurality of frame secure virtual machines; and a root frame secure virtual machine instantiated by the virtual machine monitor, the root frame secure virtual machine configured to control access to the hardware platform by the plurality of frame secure virtual machines instantiated by the virtual machine monitor.
- 2. The system of claim 1, wherein the root frame secure virtual machine is instantiated with rights not granted to the plurality of frame secure virtual machines.
- 3. The system of claim 1 or claim 2, wherein the root frame secure virtual machine is configured to implement a secure frame for the plurality of frame secure virtual machines.
- 4. A system according to any one of claims 1 to 3, wherein the virtual machine monitor is configured to instantiate the root frame secure virtual machine by sending an initialization message that causes the root frame secure virtual machine to generate an attestation report that can be used by the hardware platform to authenticate the root frame secure virtual machine.
- 5. The system of claim 4, wherein the attestation report includes information describing at least one of an authoring entity associated with the root frame secure virtual machine, a secure version of the root frame secure virtual machine, or a memory page to be loaded by the hardware platform for the root frame secure virtual machine.
- 6. The system of claim 5, wherein the virtual machine monitor is configured to authenticate the root frame secure virtual machine by generating an encrypted measurement of the memory page to be loaded for the root frame secure virtual machine by the hardware platform.
- 7. The system of claim 6, wherein the virtual machine monitor is configured to authenticate the root frame secure virtual machine by obtaining a security certificate from the authoring entity associated with the root frame secure virtual machine and comparing the encrypted measurement to the security certificate.
- 8. The system of any of claims 1 to 7, wherein the one or more memories comprise an isolated memory region accessible by the root frame secure virtual machine and inaccessible by the plurality of frame secure virtual machines.
- 9. The system of claim 8, wherein the virtual machine monitor is configured to instantiate the root frame secure virtual machine by writing a unique identifier of the root frame secure virtual machine to the isolated memory region.
- 10. The system of claim 9, wherein the root frame secure virtual machine is configured to clear the unique identifier from the isolated memory region prior to shutdown.
- 11. The system of claim 9, wherein the virtual machine monitor is configured to clear the unique identifier from the isolated memory region in response to detecting that the unique identifier persists in the isolated memory region after the root frame secure virtual machine is shut down.
- 12. The system of claim 11, wherein the virtual machine monitor is configured to instantiate an additional root frame secure virtual machine in response to detecting that the unique identifier persists in the isolated memory region after the root frame secure virtual machine is shut down.
- 13. The system of any of claims 1 to 12, wherein the virtual machine monitor is configured to instantiate the root frame secure virtual machine by providing data describing state and configuration information of the hardware platform to the root frame secure virtual machine.
- 14. A method, the method comprising: starting, by the computing device, a virtual machine; authenticating, by the computing device, the virtual machine by generating a cryptographic metric of at least one memory page loaded by the virtual machine; configuring, by the computing device, the virtual machine as a root frame secure virtual machine configured to control access to the computing device by at least one other virtual machine; and at least one command issued by the root frame secure virtual machine on behalf of the at least one other virtual machine is executed using hardware resources of the computing device.
- 15. A method, the method comprising: receiving, by the virtual machine, an initialization message from a virtual machine monitor of the hardware platform; transmitting, by the virtual machine and to the virtual machine monitor, an attestation report in response to receiving the initialization message, the attestation report including information describing at least one of an authoring entity of the virtual machine, a secure version of the virtual machine, or a memory page to be loaded into memory of the hardware platform for the virtual machine; receiving, by the virtual machine and from the virtual machine monitor, data allowing the virtual machine to control access to the hardware platform by at least one other virtual machine instantiated by the virtual machine monitor; and at least one command is executed by the virtual machine and on behalf of the at least one other virtual machine using resources of the hardware platform.
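The authentication step recited in claims 4 to 7 (report fields, page measurement, comparison against the authoring entity's certificate) can be sketched as follows. This is an added example, not code from the patent or its assignee. SHA-384, the 4096-byte page size, the index-bound hashing and the dictionary standing in for the security certificate are all assumptions; a real certificate's signature would be verified before its reference value is used.

```python
import hashlib
import hmac
from dataclasses import dataclass

PAGE_SIZE = 4096  # assumption: the text does not give a page size


@dataclass(frozen=True)
class AttestationReport:
    author: str    # authoring entity of the root VM
    svn: int       # security version number
    pages: tuple   # memory pages to be loaded, in load order


def measure(pages):
    """Hash every page with its index and the page count, so content
    changes, reordering and truncation all alter the measurement."""
    h = hashlib.sha384()  # assumption: the text names no hash algorithm
    h.update(len(pages).to_bytes(4, "big"))
    for index, page in enumerate(pages):
        if len(page) != PAGE_SIZE:
            raise ValueError(f"page {index} is not {PAGE_SIZE} bytes")
        h.update(index.to_bytes(4, "big"))
        h.update(page)
    return h.digest()


def authenticate(report, certificates):
    """Trust the VM only if its measurement equals the reference value
    published by the authoring entity for this (author, svn) pair."""
    expected = certificates.get((report.author, report.svn))
    if expected is None:
        return False  # no certificate for this author/version
    try:
        actual = measure(report.pages)
    except ValueError:
        return False  # malformed page set is never trusted
    return hmac.compare_digest(actual, expected)


# Constructed sample data: two pages of a made-up root VM image.
GOOD_PAGES = (b"\x90" * PAGE_SIZE, b"\xcc" * PAGE_SIZE)
CERTIFICATES = {("ExampleVendor", 3): measure(GOOD_PAGES)}

if __name__ == "__main__":
    report = AttestationReport("ExampleVendor", 3, GOOD_PAGES)
    print("trusted:", authenticate(report, CERTIFICATES))
```

Looking the reference value up by both author and security version means an image from a different version cannot be accepted against another version's certificate.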
Description
Security framework for virtual machines
Priority
The present application claims priority from U.S. provisional patent application No. 63/592,916, filed on October 24, 2023, the disclosure of which is hereby incorporated by reference in its entirety.
Background
Security is essential for virtual machines, such as those run using web service providers. Implementing appropriate security measures not only helps to protect sensitive data, but also ensures compliance with various information disclosure regulations. Security measures are critical in maintaining network security, preventing unauthorized access, and mitigating the risk of potential threats. By preventing vulnerabilities, the reliability and integrity of the virtual environment may be ensured.
Drawings
FIG. 1 is a block diagram of a non-limiting example system having a hardware platform operable to implement a security framework for virtual machines instantiated by a computing system hardware platform using the techniques described herein.
FIG. 2 is a block diagram of a non-limiting example system showing the hardware platform of FIG. 1 launching a root frame secure virtual machine in greater detail, in accordance with the described techniques.
FIG. 3 is a block diagram of a non-limiting example system showing in greater detail the hardware platform of FIG. 1 starting up a virtual machine without special rights and configuring the virtual machine as a root frame secure virtual machine with special rights.
FIG. 4 is a block diagram of a non-limiting example system in accordance with the described technology, showing in greater detail different instances of the hardware platform of FIG. 1 launching a root frame secure virtual machine.
FIG. 5 is a block diagram of a non-limiting example process depicting launching execution of a root frame secure virtual machine in accordance with the described technology.
FIG. 6 is a block diagram of a non-limiting example process depicting a lifecycle of a root frame secure virtual machine, in accordance with the described techniques.
Detailed Description
In a computing system architecture where different virtual machines access data stored in system memory, private memory pages of a guest virtual machine are protected via access control by a designated computing system computing unit (such as a secure processor). Secure processor access control prevents unauthorized virtual machines from reading or writing to the guest virtual machine's private memory. However, such access control presents challenges because the designated computing units performing the access control are resource constrained, resulting in limited performance and scalability of the computing system. For example, computing units responsible for access control (e.g., secure processors) have reduced computing resources (e.g., relative to central processing units), slower access to memory, reduced processing power, etc., which create bottlenecks that prevent the computing system from instantiating additional virtual machines without significantly impeding system latency. Thus, conventional access control techniques limit the number of virtual machines that a given computing system can support.
To address these conventional shortcomings, a security framework for a virtual machine is described. In implementations, a root trusted client (such as a root frame secure virtual machine) is loaded by a computing system hardware platform and authenticated as a trustworthy entity. For example, a computing system virtual machine monitor (e.g., a hypervisor) causes a root trusted client to generate a client attestation report that includes information such as an authoring entity (e.g., a developer) associated with the root trusted client, a security version number of the root trusted client, and a cryptographic measurement of a memory page of the root trusted client.
For example, the virtual machine monitor generates a hash value representing a cryptographic measurement of a private memory page loaded from a root trusted client. The security version number and the authoring entity associated with the root trusted client are then used to obtain the security certificate provided by the root trusted client's authoring entity. The hash value representing the cryptographic measurement of the root trusted client's private memory page is compared to the security certificate. If the hash value matches the security certificate, the match means that the root trusted client is secure and trustworthy (e.g., the binary code of the root trusted client is identical to when issued by the authoring entity). Alternatively, if the hash value does not match the security certificate, the difference is evidence of interference (e.g., malicious tampering with the binary code of the root trusted client) and indicates that the root trusted client cannot be trusted (e.g., the virtual machine is treated by the computing system as a "cl