AtomicDisk: A Secure Virtual Disk for TEEs against Eviction Attacks

Hongliang Tian, Ant Group; Xinyi Yu, NICE Lab, Xiamen University; Shaowei Song and Qingsong Chen, Ant Group; Zhihao Zhang and Shiyu Wang, NICE Lab, Xiamen University; Weijie Liu, Nankai University; Erci Xu, Shanghai Jiao Tong University; Shoumeng Yan, Ant Group; Yiming Zhang, NICE Lab, Xiamen University and Shanghai Jiao Tong University

SGX-PFS is the state-of-the-art secure storage solution for Trusted Execution Environments (TEEs). SGX-PFS uses Merkle Hash Trees (MHT) to achieve confidentiality, integrity, and freshness, and adopts a recovery journal to ensure crash consistency. Unfortunately, SGX-PFS is vulnerable to a new type of attack, the eviction attack: a privileged adversary can capture transient on-disk states (referred to as snapshots), which are generated by cache evictions inside the TEE (invisible and unanticipated to the user) and can potentially result in security loopholes.

Snapshots are allowed mainly because neither the POSIX file system interface nor the block interface places constraints on the ordering and timing of write persistence. To address this vulnerability, we propose a new security property called sync atomicity, which promises that all writes before a sync request are committed in an all-or-nothing manner. We further design a secure virtual disk (called AtomicDisk) by enhancing SGX-PFS. AtomicDisk achieves sync atomicity by introducing an internal commit operation, so that evicted (uncommitted) writes can be distinguished from synced (committed) writes, thus effectively preventing eviction attacks. We compare AtomicDisk to SGX-PFS with trace-driven workloads. SGX-PFS generates hundreds of thousands of snapshots that are vulnerable to eviction attacks. In contrast, AtomicDisk correctly generates exactly one valid state (caused by a sync), while achieving better performance than SGX-PFS.
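A toy model of the argument above, added here as an illustration and not taken from the paper or from the SGX-PFS or AtomicDisk code: it counts the on-disk states a host could capture and have accepted as valid when evicted writes are indistinguishable from synced ones, versus when a commit at sync time separates them. The `ToyDisk` class, its fields and the 8-block workload are assumptions; encryption, the Merkle tree and the recovery journal are not modelled.

```python
from collections import OrderedDict

class ToyDisk:
    """Constructed toy model; not the real SGX-PFS or AtomicDisk design."""

    def __init__(self, cache_blocks, atomic):
        self.cache = OrderedDict()  # dirty blocks still inside the TEE
        self.cap = cache_blocks
        self.atomic = atomic        # True: evicted writes need a commit
        self.committed = {}         # on disk, covered by the last commit
        self.pending = {}           # on disk via eviction, not yet committed
        self.last = {}              # last state recovery would have accepted
        self.snapshots = []         # each new state a host capture would yield

    def _record(self):
        # State accepted as valid if the host captured the disk right now.
        if self.atomic:
            state = dict(self.committed)                # pending is ignored
        else:
            state = {**self.committed, **self.pending}  # evicted looks valid
        if state != self.last:
            self.snapshots.append(state)
            self.last = state

    def write(self, block, data):
        self.cache[block] = data
        self.cache.move_to_end(block)
        while len(self.cache) > self.cap:  # eviction the user never asked for
            evicted, old = self.cache.popitem(last=False)
            self.pending[evicted] = old
            self._record()

    def sync(self):
        self.pending.update(self.cache)      # flush remaining dirty blocks
        self.cache.clear()
        self.committed.update(self.pending)  # commit: all writes or none
        self.pending.clear()
        self._record()

def run(atomic, blocks=8, cache_blocks=2):
    disk = ToyDisk(cache_blocks, atomic)
    for i in range(blocks):
        disk.write(i, f"v{i}")
    disk.sync()
    return disk.snapshots

if __name__ == "__main__":
    print("no commit:", len(run(False)), "states; with commit:", len(run(True)))
```
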

FAST '25 Open Access Sponsored by NetApp

BibTeX
@inproceedings {305248,
author = {Hongliang Tian and Xinyi Yu and Shaowei Song and Qingsong Chen and Zhihao Zhang and Shiyu Wang and Weijie Liu and Erci Xu and Shoumeng Yan and Yiming Zhang},
title = {{AtomicDisk}: A Secure Virtual Disk for {TEEs} against Eviction Attacks},
booktitle = {23rd USENIX Conference on File and Storage Technologies (FAST 25)},
year = {2025},
isbn = {978-1-939133-45-8},
address = {Santa Clara, CA},
pages = {449--459},
url = {https://www.usenix.org/conference/fast25/presentation/tian-hongliang},
publisher = {USENIX Association},
month = feb
}