Purdue CS 42600 - A Virtualization-Based Approach to Retrofitting

Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems

Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger (VMware, Inc.); Dan Boneh (Stanford University); Jeffrey Dwoskin (Princeton University); Dan R.K. Ports (MIT)
{mchen,talg,lewis,pratap,carl}@vmware.com, [email protected], [email protected], [email protected]

Abstract

Commodity operating systems entrusted with securing sensitive data are remarkably large and complex, and consequently, frequently prone to compromise. To address this limitation, we introduce a virtual-machine-based system called Overshadow that protects the privacy and integrity of application data, even in the event of a total OS compromise. Overshadow presents an application with a normal view of its resources, but the OS with an encrypted view. This allows the operating system to carry out the complex task of managing an application's resources, without allowing it to read or modify them. Thus, Overshadow offers a last line of defense for application data.

Overshadow builds on multi-shadowing, a novel mechanism that presents different views of "physical" memory, depending on the context performing the access. This primitive offers an additional dimension of protection beyond the hierarchical protection domains implemented by traditional operating systems and processor architectures.

We present the design and implementation of Overshadow and show how its new protection semantics can be integrated with existing systems. Our design has been fully implemented and used to protect a wide range of unmodified legacy applications running on an unmodified Linux operating system. We evaluate the performance of our implementation, demonstrating that this approach is practical.

Categories and Subject Descriptors: D.4.6 [Operating Systems]: Security and Protection
General Terms: Design, Security, Performance
Keywords: Virtual Machine Monitors, VMM, Hypervisors, Operating Systems, Memory Protection, Multi-Shadowing, Cloaking

1. Introduction

Commodity operating systems are ubiquitous in home, commercial, government, and military settings. Consequently, these systems are tasked with handling all manner of sensitive data, from individual passwords and crypto keys, to databases of social security numbers, to sensitive documents and voice traffic.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. ASPLOS'08, March 1–5, 2008, Seattle, Washington, USA. Copyright © 2008 ACM 978-1-59593-958-6/08/03...$5.00

Unfortunately, the security provided by commodity operating systems is often inadequate. Trusted OS components include not just the kernel but also device drivers and system services that run with privilege (e.g., daemons that run as root in Linux). These components generally comprise a large body of code, with broad attack surfaces that are frequently vulnerable to exploitable bugs or misconfigurations. Once such privileged code is compromised, an attacker gains complete access to sensitive data on a system. While some facets of security in these systems will continue to improve, we believe competitive pressures to provide richer functionality and retain compatibility with existing applications will keep the complexity of such systems high, and their assurance poor.

To ameliorate this problem, many have attempted to retrofit higher-assurance execution environments onto commodity systems. Previous efforts have explored executing applications handling sensitive data in separate virtual machines [10, 29, 8], using secure co-processors [7], or changing the processor architecture to introduce orthogonal protection mechanisms that protect application data from the OS [6, 13, 16, 19, 27]. Unfortunately, these generally demand major changes in the way that applications are written [7, 8, 16, 18, 28] and used [8, 10], and how OS resources are managed [10, 29]. Such radical departures pose a substantial barrier to adoption.

We offer an alternative in a system called Overshadow. Overshadow protects legacy applications from the commodity operating systems running them. Unlike other approaches, it requires no changes to existing operating systems or applications, nor any additional hardware support. Instead, it works by extending the isolation capabilities of the virtualization layer to allow protection of entities inside a virtual machine.

Overshadow adds this protection through a novel technique called multi-shadowing which leverages the extra level of indirection offered by memory virtualization in a virtual machine monitor (VMM). Conceptually, a typical VMM maintains a one-to-one mapping from guest "physical" addresses to actual machine addresses. Multi-shadowing replaces this with a one-to-many, context-dependent mapping, providing multiple views of guest memory. Overshadow leverages this mechanism to present an application with a cleartext view of its pages, and the OS with an encrypted view, a technique we call cloaking. Encryption-based protection allows resources to remain accessible to the OS, yet secure, permitting it to manage resources without compromising application privacy or integrity.

Cloaking is a low-level primitive that operates on basic memory pages. However, nearly all higher-level application resources – including code, data, files, and even IPC streams – are already managed as memory-mapped objects by modern operating systems, or can be adapted as such. As a result, cloaking is sufficiently general to protect all of an application's major resources.

Using cloaking to protect a legacy application running on an unmodified OS requires some changes to the normal execution environment. To accommodate these changes while maintaining compatibility, Overshadow introduces a shim at load time into the address space of each cloaked application to mediate all communication with the OS. With assistance from the VMM, the shim interposes on events such as system calls and signal delivery, modifying their semantics to enable safe resource sharing between a cloaked application and an untrusted OS.

The next section presents our design goals and threat model for Overshadow.
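The context-dependent mapping and cloaking described above, modelled as an added example (not Overshadow's code or anything from the paper): one guest-physical page has a cleartext view in the application context and an encrypted, integrity-checked view in the OS context, so the OS can still copy, swap and restore the page but any modification it makes is caught on the application's next access. The toy stream cipher, HMAC tag, 32-byte page size, key and page number are assumptions for illustration.

```python
import hashlib
import hmac
PAGE = 32  # toy page size in bytes (constructed; real pages are 4 KiB)

class MultiShadowMemory:
    """Toy multi-shadowing model (not Overshadow's code): the "app" context
    sees a cloaked page in cleartext, the "os" context only in ciphertext."""

    def __init__(self, key):
        self.key = key
        self.machine = {}     # gppn -> bytes actually held in machine memory
        self.cloaked = set()  # guest-physical page numbers under cloaking
        self.tags = {}        # gppn -> integrity tag kept in the VMM, not the guest

    def _xor(self, gppn, buf):
        # Toy keystream SHA-256(key || gppn); a real design uses a real cipher and IV.
        ks = hashlib.sha256(self.key + gppn.to_bytes(8, "big")).digest()
        return bytes(a ^ b for a, b in zip(buf, ks))

    def _tag(self, gppn, ct):
        return hmac.new(self.key, gppn.to_bytes(8, "big") + ct, hashlib.sha256).digest()

    def write(self, context, gppn, data):
        if gppn in self.cloaked and context == "app":
            data = self._xor(gppn, data)         # only ciphertext reaches memory
            self.tags[gppn] = self._tag(gppn, data)
        self.machine[gppn] = data                # OS writes land in the encrypted view

    def read(self, context, gppn):
        raw = self.machine[gppn]
        if gppn not in self.cloaked or context == "os":
            return raw                           # encrypted view for the OS
        if not hmac.compare_digest(self._tag(gppn, raw), self.tags[gppn]):
            raise PermissionError("cloaked page %d was altered by the OS" % gppn)
        return self._xor(gppn, raw)              # cleartext view for the app

def demo():
    mem = MultiShadowMemory(b"\x42" * 32)        # constructed VMM key
    mem.cloaked.add(7)
    mem.write("app", 7, b"constructed secret key bytes".ljust(PAGE, b"\0"))
    app_view, os_view = mem.read("app", 7), mem.read("os", 7)
    mem.write("os", 7, os_view)                  # OS swaps the page out and back in
    restored = mem.read("app", 7)
    mem.write("os", 7, b"X" * PAGE)              # OS tampers with the page
    try:
        mem.read("app", 7)
        tampered = False
    except PermissionError:
        tampered = True
    return app_view, os_view, restored, tampered
```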