Exploiting Unprotected I/O Operations in AMD’s Secure Encrypted Virtualization

 February 16, 2024 at 7:58 pm

USENIX'19 Paper



  • Monitoring nPT (nested page table) and gPT (guest page table)
  • Page faults => a list of accessed pages => find the actual address of the target page
  • Decryption oracle: move content of the ciphertext to the SWIOTLB
  • Let it be decrypted

Technical Details

  • Monitoring/MITM the DMA operations
  • Pattern matching to find the accessed address in private memory
  • IOremap to replace ciphertext
  • QEMU notifies the VM about DMA write. Does it notify the device to read DMA?

Building GPU TEEs using CPU Secure Enclaves with GEVisor

 February 8, 2024 at 4:07 pm



  • Trust TPM & Secure Boot
  • Security Monitor implemented at VMX-root level, and the model(with implementation) are formally verified.
  • Enforce access control by trapping instrcuctions