Modeling and Abstraction of Memory Management in a Hypervisor

Pauline Bolignano (1, 2), Thomas Jensen (1), Vincent Siles (2)
1 Inria, Rennes, France
2 Prove & Run, Paris, France
April 6th, 2016

Slides: people.rennes.inria.fr/Pauline.Bolignano/downloads/BJS16_slides.pdf



Problem Overview: Hypervisors

Hypervisors

- Allow running several OSes on the same platform.
- Allow running a legacy OS.
- Are security-critical components.
- Bugs are severe: for example, a Xen bug in Page Tables Management [1].

[Figure: Guest OS 0 to Guest OS 4 running on top of the Hypervisor, which runs on the Hardware.]

[1] https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-022-2015.txt


Targeted Properties

Isolation:
- Integrity.
- Confidentiality.

On:
- Memory.
- Registers.

Out of the model:
- Side channels.

[Figure: Guest OS 0 to Guest OS 4 on the Hypervisor on the Hardware, as on the previous slide.]

Problem Overview: Shadow Page Tables

Memory Management for an OS

- The MMU translates virtual addresses to physical addresses with the Page Tables.
- Each Page Table defines an address space.

[Figure: a Virtual Address Space translated by a two-level Page Table (Page Table Pointer, PT level 1, PT level 2) into OS Physical Memory; three Page Tables defining Addr Space A, Addr Space B and Addr Space C over the same OS Physical Memory.]


Memory Management for a Hypervisor

Shadow Page Tables combine Guest Page Tables and Hypervisor Page Tables.

[Figure: Guest 0 and Guest 1 each have Guest Page Tables (GPT) for Addr Space A, B and C, translating GVA to IPA; the Hypervisor Page Tables (HPT) cover the Hypervisor, Guest 0 and Guest 1 and translate down to PA; the Shadow Page Tables (SPT) give the combined translation. Address levels shown: GVA, IPA, HVA, PA.]


Problem Overview: Context

Context

Prove & Run:
- Develops tools:
  - Language (Smart).
  - Prover.
- Develops and proves highly secure systems:
  - Micro-kernels.
  - Hypervisors.

Our Work

Which hypervisor?
- Developed by the SecT team (TU Berlin).
- Para-virtualized.
- With Shadow Page Tables.
- With static configuration of memory access rights.

Which tools?
- Prove & Run Language and Prover.

Proving Properties on a Hypervisor

Outline

Problem Overview: Hypervisors; Shadow Page Tables; Context.
Proving Properties on a Hypervisor: Methodology; Abstract State Transition System; Concrete State Transition System.
Implementation: Smart; State of the Proof; Conclusions.

Proving Properties on a Hypervisor: Methodology

Proof by Abstraction

[Figure: commutation diagram. A concrete transition takes σ to σ′; the abstraction α maps σ to α(σ) and σ′ to α(σ′); the abstract transition takes α(σ) to α(σ)′, and α(σ)′ = α(σ′).]

- Isolation on the abstract system implies isolation on the concrete system.
- The abstract state must be precise enough to express our properties on it.

Correspondence between Concrete and Abstract Transitions

Flow: [Figure: flow between states 0, 1 and 2 through Guest Trans, Hyp Trans and Restore; Guest Trans runs unprivileged, Hyp Trans and Restore run privileged.]

Hypervisor Transitions:

    Concrete                      Abstract
    Switch                        Memory Management
    Page Fault with MMU
    Page Fault without MMU
    Flush
    Activate MMU
    Deactivate MMU
    Schedule                      Schedule
    Inject SWI                    Modify Registers
    Inject UND
    Inject ABT
    Access Privileged Registers
    Handle IRQ                    Nop
    Passthrough IRQ
    Fetch IRQ

Proving Properties on a Hypervisor: Abstract State Transition System

Abstract State

Abstract State:

$\sigma_\alpha = \langle curr, \sigma_1, \ldots, \sigma_n \rangle$

where, for all $i$:

$\sigma_i = \langle regs, priv, \langle s_1, \ldots, s_n \rangle, \langle r_1, \ldots, r_n \rangle \rangle$

- $priv$: private segment of $i$.
- $\sigma_i.s_k$: send segment from $i$ to $k$.
- $\sigma_i.r_k$: receive segment from $k$ to $i$; in particular $\sigma_i.r_k = \sigma_k.s_i$.

[Figure: two example states σ1 and σ2, each with regs, a priv segment, a send segment and a receive segment; σ1's send segment (ABF4E75E229F6B) is σ2's receive segment, and σ2's send segment (0DE389E913AB8D) is σ1's receive segment.]

Properties on the Abstract Model

Integrity Theorem: Let $i$ and $j$ be two guest indexes such that $i \neq j$. Consider a transition where $j$ is the running guest. If

$\langle j, \sigma_1, \ldots, \sigma_i, \ldots, \sigma_n \rangle \to \langle j', \sigma'_1, \ldots, \sigma'_i, \ldots, \sigma'_n \rangle$

then

- $\sigma'_i.priv = \sigma_i.priv$
- $\forall k,\ \sigma'_i.s_k = \sigma_i.s_k$
- $\forall k \neq j,\ \sigma'_i.r_k = \sigma_i.r_k$

Abstract Guest Transition

[Figure: a guest transition with guest 1 running, from (σ1, σ2) to (σ′1, σ′2): σ′1 has a new priv segment (1435E6AD859A16) and a new send segment (787DA542564112); σ′2 keeps its priv and send segments, and its receive segment becomes σ′1's new send segment (787DA542564112).]

$\sigma'_i = run(\sigma_i)$

$\forall k \neq i,\ \sigma'_k = \sigma_k[r_i \xleftarrow{VAL} \sigma'_i.s_k]$

$\langle i, \sigma_1, \ldots, \sigma_n \rangle \to \langle i, \sigma'_1, \ldots, \sigma'_n \rangle$

Abstract Memory Management Transition

[Figure: a memory management transition with guest 1 running, from (σ1, σ2) to (σ′1, σ′2): the priv, send and receive segments of both guests are unchanged.]

$decode(\sigma_i.abs\_regs) = mm(\sigma'_i)$

$\langle i, \sigma_1, \ldots, \sigma_i, \ldots, \sigma_n \rangle \to \langle i, \sigma_1, \ldots, \sigma'_i, \ldots, \sigma_n \rangle$
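As an added illustration (my own code, not the authors' Smart model), the guest and memory management transitions above and the Integrity Theorem of the previous slide, executed in Python on the two-guest state drawn in the figures. The run function, the regs values and the dataclass layout are assumptions of this example; the segment contents are the hex strings from the slides' figure.

```python
from dataclasses import dataclass, replace
from typing import Dict, Tuple

@dataclass(frozen=True)
class Guest:
    regs: Tuple[int, ...]
    priv: bytes              # priv: private segment of this guest
    send: Dict[int, bytes]   # s_k: send segment from this guest to guest k
    recv: Dict[int, bytes]   # r_k: receive segment from guest k to this guest

@dataclass(frozen=True)
class AbstractState:
    curr: int                # index of the running guest
    guests: Dict[int, Guest]

def consistent(s: AbstractState) -> bool:
    # Well-formedness stated on the slides: sigma_i.r_k = sigma_k.s_i for all i, k.
    return all(g.recv[k] == s.guests[k].send[i]
               for i, g in s.guests.items() for k in g.recv)

def run(g: Guest, new_priv: bytes, new_send: Dict[int, bytes]) -> Guest:
    # Assumed 'run': the running guest may rewrite only its own regs, priv and send segments.
    return replace(g, regs=tuple(r + 1 for r in g.regs), priv=new_priv, send=dict(new_send))

def guest_transition(s: AbstractState, new_priv: bytes, new_send: Dict[int, bytes]) -> AbstractState:
    # sigma'_i = run(sigma_i); for k != i, sigma'_k = sigma_k[r_i <- sigma'_i.s_k] (only r_i moves).
    i = s.curr
    gi = run(s.guests[i], new_priv, new_send)
    out = {i: gi}
    for k, gk in s.guests.items():
        if k != i:
            out[k] = replace(gk, recv={**gk.recv, i: gi.send[k]})
    return AbstractState(i, out)

def mm_transition(s: AbstractState, regs: Tuple[int, ...]) -> AbstractState:
    # Memory management transition: only sigma_i changes (its regs here); no segment is touched.
    i = s.curr
    return AbstractState(i, {**s.guests, i: replace(s.guests[i], regs=regs)})

def integrity_holds(before: AbstractState, after: AbstractState) -> bool:
    # Integrity Theorem for one step, j = before.curr: every guest i != j keeps
    # its priv, every send segment s_k, and every receive segment r_k with k != j.
    j = before.curr
    for i, g in before.guests.items():
        if i == j:
            continue
        n = after.guests[i]
        if n.priv != g.priv or n.send != g.send:
            return False
        if any(n.recv[k] != g.recv[k] for k in g.recv if k != j):
            return False
    return True

# Constructed state (segment hex as drawn on the slides' figure; regs made up); guest 1 runs.
H = bytes.fromhex
S0 = AbstractState(1, {
    1: Guest((0,), H("041CFF5EBD6CA9"), {2: H("ABF4E75E229F6B")}, {2: H("0DE389E913AB8D")}),
    2: Guest((0,), H("965FD587EF524A"), {1: H("0DE389E913AB8D")}, {1: H("ABF4E75E229F6B")}),
})
# The guest transition drawn on the slides: guest 1 rewrites its priv and send segments.
S1 = guest_transition(S0, H("1435E6AD859A16"), {2: H("787DA542564112")})
```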

Proving Properties on a Hypervisor: Concrete State Transition System

Concrete State

Concrete State:

$\sigma = \langle \sigma_{HW}, \sigma_{HYP}, exception \rangle$

where:

- $\sigma_{HW} = \langle mem, base, level, regs_{gp}, regs_{mmu}, regs_{gic} \rangle$
- $\sigma_{HYP} = \langle curr, \sigma_{int}, \langle \sigma_{G_1}, \ldots, \sigma_{G_n} \rangle \rangle$
- $\sigma_{G_i} = \langle vbase, vmode, vbnk, vregs_{gp}, vregs_{mmu}, vregs_{gic} \rangle$

Page Fault Transition

Premises:

$decode(abt, \sigma_{HW}) = pf(gva)$

$\sigma_{G_i}.vregs_{mmu}.pg = enabled$

$hpt(\sigma_{G_i}.vbase) = (pbase, \_)$

$\{(gva, (ipa, r_0))\} \in \Gamma_{pt}(mem, pbase)$

$hpt(ipa) = (pa, \_)$

$\exists r_1 \geq r_0,\ allowed(pa, i, r_1)$

$\Gamma_{pt}(mem', base) = \Gamma_{pt}(mem, base) \cup \{(gva, (pa, r_0))\}$

$\sigma'_{HYP} = \sigma_{HYP}[\sigma_{int} \leftarrow alloc(\sigma_{int}, mem, gva)]$

Conclusion:

$\langle \langle mem, base, regs_{mmu}, regs_{gp}, pl1, regs_{gic} \rangle, \sigma_{HYP}, abt \rangle \to \langle \langle mem', base, regs_{mmu}, regs_{gp}, pl1, regs_{gic} \rangle, \sigma'_{HYP}, abt \rangle$

[Figure: guest i's GPT maps gva to (ipa, r0); the HPT maps ipa to pa; pa is allowed for guest i with rights r1 ≥ r0, so (gva, (pa, r0)) is added to guest i's SPT. Guest k's GPT and the address levels GVA, IPA, HVA, PA are shown alongside.]


Invariants on SPT

Property ensuring isolation: if

- $base \in B_{SPT}(\sigma_{int}, i)$
- $(pa, r_0) \in Im(pt(mem, base))$

then

- $\exists r_1 \geq r_0,\ allowed(pa, i, r_1)$

[Figure: in the SPT of Guest i, every entry (pa, r0) points at a page pa that the hypervisor allows guest i with rights r1 ≥ r0; the GPTs of Guest i and Guest k, the HPT and the address levels GVA, IPA, HVA, PA are shown alongside.]
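An added executable sketch (my own code, not the hypervisor's or the Smart model) of the Page Fault transition and the SPT invariant from these two slides: the handler consults the faulting guest's GPT and the HPT, then adds an SPT entry only when rights r1 ≥ r0 are allowed for that guest on pa. The integer rights encoding, the page tables and the allowed policy are constructed assumptions; check_rights=False shows how dropping that premise breaks the invariant.

```python
from typing import Dict, Tuple

# Assumed rights encoding: 0 = no access, 1 = read-only, 2 = read-write,
# so "r1 >= r0" means the hypervisor grants at least what the guest mapping asks for.
Rights = int
Entry = Tuple[int, Rights]          # (target address, rights)

class SptModel:
    def __init__(self, hpt: Dict[int, int], allowed: Dict[int, Dict[int, Rights]]):
        self.hpt = hpt                                # hpt: ipa -> pa
        self.allowed = allowed                        # allowed(pa, i, r1): guest i -> {pa: r1}
        self.gpt: Dict[int, Dict[int, Entry]] = {}    # guest i -> {gva: (ipa, r0)}, written by the guest
        self.spt: Dict[int, Dict[int, Entry]] = {}    # guest i -> {gva: (pa, r0)}, written by the hypervisor

    def page_fault(self, i: int, gva: int, check_rights: bool = True) -> bool:
        """Page Fault transition for guest i at gva; True when an SPT entry was added.
        check_rights=False drops the premise 'exists r1 >= r0, allowed(pa, i, r1)'
        and stands for a handler that forgot the check."""
        entry = self.gpt.get(i, {}).get(gva)
        if entry is None:                 # no (gva, (ipa, r0)) in Gamma_pt(mem, pbase)
            return False
        ipa, r0 = entry
        pa = self.hpt.get(ipa)
        if pa is None:                    # hpt(ipa) = (pa, _) fails
            return False
        r1 = self.allowed.get(i, {}).get(pa, 0)
        if check_rights and r1 < r0:      # the premise that keeps the other guests isolated
            return False
        # Gamma_pt(mem', base) = Gamma_pt(mem, base) U {(gva, (pa, r0))}
        self.spt.setdefault(i, {})[gva] = (pa, r0)
        return True

    def invariant_holds(self) -> bool:
        """Invariant on SPT: every (pa, r0) in the image of guest i's SPT has
        some r1 >= r0 with allowed(pa, i, r1)."""
        return all(self.allowed.get(i, {}).get(pa, 0) >= r0
                   for i, table in self.spt.items() for pa, r0 in table.values())

def demo() -> Tuple[bool, bool, bool, bool]:
    """Constructed two-guest configuration: each guest owns one physical page."""
    m = SptModel(hpt={0x1000: 0x8000, 0x2000: 0x9000},
                 allowed={0: {0x8000: 2}, 1: {0x9000: 2}})
    # Guest 0's GPT maps one gva to its own page and one to guest 1's page.
    m.gpt[0] = {0x4000: (0x1000, 2), 0x5000: (0x2000, 1)}
    own_ok = m.page_fault(0, 0x4000)                  # allowed: SPT entry added
    foreign_refused = not m.page_fault(0, 0x5000)     # refused: invariant preserved
    inv_after_checked = m.invariant_holds()
    m.page_fault(0, 0x5000, check_rights=False)       # unchecked handler maps guest 1's page
    inv_after_unchecked = m.invariant_holds()
    return own_ok, foreign_refused, inv_after_checked, inv_after_unchecked
```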



Implementation: Smart

Characteristics of Prove & Run Tools

Smart:
- is a functional language.
- is pure.
- has an imperative syntax.
- allows writing both code and properties.

The Prover:
- is interactive.
- provides automatic resolution for simple goals.

Integrity Expressed in Smart

    public lemma transition_integrity(state st, oracle o, idx i)
    program {{ state nst, seg priv, seg_store send, seg_store rec,
               segment npriv, seg_store nsend, seg_store nrec, idx curr }}
    {
      state@curr_guest(st, curr+);
      i != curr =>                 // [i] is not the current guest
      valid(st) =>
      ?transition(st, o, nst+) =>
      ?glo_get_segments(st, i, priv+, send+, rec+) =>
      ?glo_get_segments(nst, i, npriv+, nsend+, nrec+) &&
      npriv = priv &&
      nsend = send &&
      differ_only_on_curr(rec, nrec, curr);
    }

Integrity expressed in Smart

"If
- curr is the index of the running guest,
- i is a guest index such that $i \neq curr$,
- $\langle curr, \sigma_1, \ldots, \sigma_i, \ldots, \sigma_n \rangle \to \langle curr', \sigma'_1, \ldots, \sigma'_i, \ldots, \sigma'_n \rangle$"

... in Smart:

    state@curr_guest(st, curr+);
    i != curr =>                 // [i] is not the current guest
    valid(st) =>
    ?transition(st, o, nst+) =>

Integrity expressed in Smart

"then
- $\sigma'_i.priv = \sigma_i.priv$
- $\forall k,\ \sigma'_i.s_k = \sigma_i.s_k$
- $\forall k \neq curr,\ \sigma'_i.r_k = \sigma_i.r_k$"

... in Smart:

    ?glo_get_segments(st, i, priv+, send+, rec+) =>
    ?glo_get_segments(nst, i, npriv+, nsend+, nrec+) &&
    npriv = priv &&
    nsend = send &&
    differ_only_on_curr(rec, nrec, curr);

Implementation: State of the Proof

Implementation Details

Measure: a hint means an interaction with the prover.

State of the proof:
- Properties of the concrete level: 5756 hints.
  - 3413 of which for the proof of preservation of invariants over the map operation.
- Proof of isolation at the abstract level: 336 hints for confidentiality and 235 hints for integrity.
- Proof of commutation of the Guest transition: 1779 hints.
- Proof of commutation of the Page Fault transition: 1885 hints.

Implementation: Conclusions

Conclusions

Recent advances of Formal Methods in complex systems:
- seL4, PROSPER, Verisoft XT project.

SPT management is:
- Complex.
- Error prone.

The work presented:
- Provides a formalization of a hypervisor, in particular of its SPT management.
- Studies the properties needed on SPT to ensure isolation.
- Aims at simplifying further proofs by linking the hypervisor model to an abstract model without SPT.

Thank you for your attention