
td-payload: add shadow pages for shared memory #661

Merged

Conversation

gaojiaqi7
Member

Data in shared memory provided by the VMM is untrusted, so from a security perspective the data shall be consumed only after being copied into private memory.

A private shadow for SharedMemory is provided to add an easier and functionally safe mechanism to use the untrusted data. It is 1:1 allocated for a shared memory request, and users can use the data with copy_to_private_shadow directly to get a private copy with additional memory allocation/free operations.

@gaojiaqi7 gaojiaqi7 force-pushed the 0303/add_private_shadow branch from a559ca8 to c41a05d Compare March 3, 2024 14:43
SHARED_MEMORY_ALLOCATOR.lock().init(start as *mut u8, size);
SHARED_MEMORY_ALLOCATOR
.lock()
.init(shared_start as *mut u8, shared_size);
Member

If we use double allocators, then we assume that the allocator is deterministic, not randomized. Right?

I am not sure why we need 2nd allocator, why not just use "address + offset" for the shadow?

Member Author

Got it, will follow this way
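The private-shadow pattern from the PR description, laid out the way the reviewer suggests (shadow at shared base + offset, one region covering both halves, no second allocator). This is an added example, not td-shim code; the heap buffer standing in for shared/private pages, the `[len][payload]` record layout and the `consume` helper are constructed for illustration.

```rust
/// A shared-memory request of `size` bytes plus its 1:1 private shadow.
/// The shadow sits at a fixed offset (`size`) past the shared base, so one
/// reservation serves both halves and no alloc/free happens at copy time.
/// A heap buffer stands in for real shared and private pages (assumption).
pub struct SharedMemory {
    buf: Vec<u8>,
    size: usize,
}

impl SharedMemory {
    /// Reserves shared + shadow together; None if `2 * size` overflows.
    pub fn new(size: usize) -> Option<Self> {
        let total = size.checked_mul(2)?;
        Some(Self { buf: vec![0; total], size })
    }

    /// The VMM-visible half. Untrusted: it may change under us at any time.
    pub fn shared_mut(&mut self) -> &mut [u8] {
        &mut self.buf[..self.size]
    }

    /// The private half; meaningful only after `copy_to_private_shadow`.
    pub fn shadow(&self) -> &[u8] {
        &self.buf[self.size..]
    }

    /// Snapshots the shared region into the shadow and returns the private
    /// copy. All parsing must use this slice, never `shared_mut`.
    pub fn copy_to_private_shadow(&mut self) -> &[u8] {
        let (shared, shadow) = self.buf.split_at_mut(self.size);
        shadow.copy_from_slice(shared);
        shadow
    }
}

/// Parses a constructed record `[len: u8][payload; len]` from a private copy.
/// `len` is VMM-controlled, so it is bounds-checked against the buffer.
pub fn parse_record(private: &[u8]) -> Option<&[u8]> {
    let len = *private.first()? as usize;
    private.get(1..1 + len)
}

/// VMM writes a record, the guest snapshots it, the VMM rewrites the shared
/// half afterwards; the guest still parses only the snapshot it validated.
pub fn consume(vmm_bytes: &[u8], tamper_after_copy: bool) -> Option<Vec<u8>> {
    let mut mem = SharedMemory::new(vmm_bytes.len())?;
    mem.shared_mut().copy_from_slice(vmm_bytes);
    mem.copy_to_private_shadow();
    if tamper_after_copy {
        mem.shared_mut().iter_mut().for_each(|b| *b = 0xff);
    }
    parse_record(mem.shadow()).map(|p| p.to_vec())
}
```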

@gaojiaqi7 gaojiaqi7 force-pushed the 0303/add_private_shadow branch from c41a05d to c258444 Compare March 5, 2024 03:27
Data in shared memory provided by the VMM is untrusted, so from a security
perspective the data shall be consumed only after being copied into private
memory.

A private shadow for `SharedMemory` is provided to add an easier
and functionally safe mechanism to use the untrusted data. It is 1:1
allocated for a shared memory request, and users can use the data with
`copy_to_private_shadow` directly to get a private copy with additional
memory allocation/free operations.

Signed-off-by: Jiaqi Gao <jiaqi.gao@intel.com>
@gaojiaqi7 gaojiaqi7 force-pushed the 0303/add_private_shadow branch from c258444 to 5a6d9b7 Compare March 5, 2024 03:30
@jyao1 jyao1 merged commit 82093b8 into confidential-containers:main Mar 14, 2024
17 checks passed