SH3ARS: Privilege Reduction for ARMv8.0-A Secure Monitors

Abstract

The ARM TrustZone Trusted Execution Environment (TEE) allows software to run in an isolated environment, separated from the untrusted OS. The isolation is based on the Secure Monitor (SM), software running at the most privileged hardware level, with unrestricted access to all system resources, including those of the TEE. Critically, recent research revealed widespread vulnerabilities in SMs that break the TEE isolation and thus undermine the very purpose of the TEE. In response, we present SH3ARS, a fundamental restructuring of the SM firmware that reduces the privileges of the SM and restores ARM TrustZone isolation. SH3ARS modifies the SM to irrevocably relinquish access to memory outside its own address space through a page table latching mechanism. Furthermore, we introduce guards, carefully crafted, gadget-free code sequences that supervise the context switch to and from the TEE, preventing code-reuse attacks against the TEE – a technique we refer to as SMC-oriented programming. Relying on software changes, SH3ARS ensures TEE isolation guarantees even if the SM is compromised. We apply SH3ARS to the reference implementation of the SM on ARMv8.0-A, as deployed on millions of devices. We implement a proof of concept on real hardware, and our evaluation shows that the overhead is lower than 6% for most workloads.

More about this title

Title SH3ARS: Privilege Reduction for ARMv8.0-A Secure Monitors
Published in 28th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2025)
Publisher IEEE
Volume 2025
Authors Jonas Röckl, Julian Funk, Matti Schulze, Prof. Dr. Tilo Müller
Pages 122-137
Publication date 22.10.2025
Citation Röckl, Jonas; Funk, Julian; Schulze, Matti; Müller, Tilo (2025): SH3ARS: Privilege Reduction for ARMv8.0-A Secure Monitors. 28th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2025) 2025, 122-137.