Sirius: Enabling System-Wide Isolation for Trusted Execution Environments

2020 
Hardware-assisted trusted execution environments (TEEs) are critical building blocks of many modern applications. However, the one-way isolation model introduces a semantic gap between a TEE and its outside world, including conventional OSs and applications. This gap underlies the most practical and ever-growing class of attacks on TEE-enabled applications, which exploit various insecure interactions with the host OS and applications. Complex applications rely on many mechanisms of the host OS and the TEE system; their complex interactions open a large attack surface that threatens both the trusted and the normal world. To address this fundamental issue, we introduce Sirius, the first OS and TEE system to achieve system-wide isolation in TEEs. It enables fine-grained compartmentalization, strong isolation, and secure interactions between enclaves and kernel objects (e.g., threads, address spaces, IPC, files, and sockets). Sirius replaces the ad-hoc and inefficient forms of interaction in current TEE systems with a principled approach that adds strong inter- and intra-process isolation and efficiently eliminates a wide range of attacks. We evaluate Sirius on ARM platforms and find that it is lightweight ($\approx 15K$ LoC), adds only $\approx 10.8\%$ overhead to enable TEE support in applications such as httpd, and improves the performance of existing TEE-enabled applications such as the Darknet ML framework and ARM's LibDDSSec by $0.05\%-5.6\%$.