Abstract
General-Purpose computing on Graphics Processing Units (GPGPU) combined with cloud computing is already a commercial success. However, there is little literature that investigates its security implications. Our objective is to highlight possible information leakage due to GPUs in virtualized and cloud computing environments. We provide insight into the different GPU virtualization techniques, along with their security implications. We systematically experiment with and analyze the behavior of GPU global memory in the case of direct device assignment. We find that the GPU global memory is zeroed only in some configurations, and that in those configurations the zeroing happens as a side effect of Error Correction Codes (ECC) and not for security reasons. As a consequence, an adversary can recover data of a previously executed GPGPU application in a variety of situations. These situations include setups where the adversary launches a virtual machine after the victim's virtual machine using the same GPU, thus bypassing the isolation mechanisms of virtualization. Memory cleaning is not implemented by the GPU card itself, and we cannot generally exclude the existence of data leakage in cloud computing environments. We finally discuss possible countermeasures for current GPU cloud users and providers.
Notes
1. Tesla is used by NVIDIA both as an architecture code name and a product range name [25]. NVIDIA commercialized the Tesla architecture under the name GeForce 8 Series. When not specified, we refer to the product range name in the remainder of the article.
References
1. CVE-2012-0946. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0946 (2012)
2. CVE-2012-4225. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4225 (2012)
3. CVE-2013-0109. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0109 (2013)
4. CVE-2013-0110. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0110 (2013)
5. CVE-2013-0131. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0131 (2013)
6. Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the art of virtualization. ACM SIGOPS Oper. Syst. Rev. 37(5), 164–177 (2003)
7. Becchi, M., Sajjapongse, K., Graves, I., Procter, A., Ravi, V., Chakradhar, S.: A virtual memory based runtime to support multi-tenancy in clusters with GPUs. In: HPDC'12 (2012)
8. Bernemann, A., Schreyer, R., Spanderen, K.: Pricing structured equity products on GPUs. In: Workshop on High Performance Computational Finance (WHPCF'10) (2010)
9. Breß, S., Kiltz, S., Schäler, M.: Forensics on GPU coprocessing in databases - research challenges, first experiments, and countermeasures. In: Workshop on Databases in Biometrics, Forensics and Security Applications (2013)
10. Chou, A., Yang, J., Chelf, B., Hallem, S., Engler, D.: An empirical study of operating systems errors. In: SOSP'01 (2001)
11. Colp, P., Nanavati, M., Zhu, J., Aiello, W., Coker, G., Deegan, T., Loscocco, P., Warfield, A.: Breaking up is hard to do: security and functionality in a commodity hypervisor. In: SOSP'11 (2011)
12. Di Pietro, R., Lombardi, F., Villani, A.: CUDA Leaks: Information Leakage in GPU Architectures (2013). arXiv:1305.7383v1
13. Dowty, M., Sugerman, J.: GPU virtualization on VMware's hosted I/O architecture. ACM SIGOPS Oper. Syst. Rev. 43(3), 73–82 (2009)
14. Envytools. https://github.com/envytools/envytools
15. Giunta, G., Montella, R., Agrillo, G., Coviello, G.: A GPGPU transparent virtualization component for high performance computing clouds. In: D'Ambra, P., Guarracino, M., Talia, D. (eds.) Euro-Par 2010, Part I. LNCS, vol. 6271, pp. 379–391. Springer, Heidelberg (2010)
16. gKrypt Engine. http://gkrypt.com/
17. Gupta, V., Gavrilovska, A., Schwan, K., Kharche, H., Tolia, N., Talwar, V., Ranganathan, P.: GViM: GPU-accelerated virtual machines. In: HPCVirt'09 (2009)
18. Harnik, D., Pinkas, B., Shulman-Peleg, A.: Side channels in cloud services, the case of deduplication in cloud storage. IEEE Secur. Priv. 8(6), 40–47 (2010)
19. Kato, S., McThrow, M., Maltzahn, C., Brandt, S.: Gdev: first-class GPU resource management in the operating system. In: USENIX ATC'12 (2012)
20. Kerrisk, M.: XDC 2012: Graphics stack security (2012). https://lwn.net/Articles/517375/
21. Kivity, A., Kamay, Y., Laor, D., Lublin, U., Liguori, A.: kvm: the Linux virtual machine monitor. In: Proceedings of the Linux Symposium, pp. 225–230 (2007)
22. Kolb, C., Pharr, M.: GPU Gems 2, chapter Options Pricing on the GPU (2005)
23. Kolivas, C.: cgminer. https://github.com/ckolivas/cgminer
24. Ladakis, E., Koromilas, L., Vasiliadis, G., Polychronakis, M., Ioannidis, S.: You can type, but you can't hide: a stealthy GPU-based keylogger. In: EuroSec'13 (2013)
25. Lindholm, E., Nickolls, J., Oberman, S., Montrym, J.: NVIDIA Tesla: a unified graphics and computing architecture. IEEE Micro 28(2), 39–55 (2008)
26. Lombardi, F., Di Pietro, R.: CUDACS: securing the cloud with CUDA-enabled secure virtualization. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 92–106. Springer, Heidelberg (2010)
27. Lone Sang, F., Lacombe, E., Nicomette, V., Deswarte, Y.: Exploiting an I/OMMU vulnerability. In: MALWARE'10 (2010)
28. Nouveau. http://nouveau.freedesktop.org
29. NVIDIA: TESLA M2050 / M2070 GPU computing module (2010)
30. NVIDIA: CUDA C Programming Guide (2012)
31. NVIDIA: NVIDIA GRID, GPU Acceleration for Virtualization, GPU Technology Conference (2013). http://on-demand.gputechconf.com/gtc/2013/presentations/S3501-NVIDIA-GRID-Virtualization.pdf
32. Owens, R., Wang, W.: Non-interactive OS fingerprinting through memory de-duplication technique in virtual machines. In: IPCCC'11 (2011)
33. Pathscale: pscnv. https://github.com/pathscale/pscnv
34. Ravi, V.T., Becchi, M., Agrawal, G., Chakradhar, S.: Supporting GPU sharing in cloud environments with a transparent runtime consolidation framework. In: HPDC'11 (2011)
35. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: CCS'09 (2009)
36. Shi, L., Chen, H., Sun, J.: vCUDA: GPU accelerated high performance computing in virtual machines. In: IPDPS'09 (2009)
37. Slaviero, M., Meer, H., Arvanitis, N.: Clobbering the Cloud, part 4 of 5, Blackhat (2009). http://www.sensepost.com/blog/3797.html
38. Smowton, C.: Secure 3D graphics for virtual machines. In: EuroSec'09 (2009)
39. Suzaki, K., Iijima, K., Yagi, T., Artho, C.: Memory deduplication as a threat to the guest OS. In: European Workshop on System Security (2011)
40. Tian, X., Benkrid, K.: High-performance quasi-Monte Carlo financial simulation: FPGA vs. GPP vs. GPU. ACM Trans. Reconfig. Technol. Syst. (TRETS) 3(4), 26 (2010)
41. Vasiliadis, G., Polychronakis, M., Ioannidis, S.: GPU-assisted malware. In: International Conference on Malicious and Unwanted Software (2010)
42. Vinaya, M.S., Vydyanathan, N., Gajjar, M.: An evaluation of CUDA-enabled virtualization solutions. In: PDGC'12 (2012)
43. Wojtczuk, R., Rutkowska, J.: Following the White Rabbit: Software attacks against Intel VT-d technology. invisiblethingslab.com (2011)
44. Wu, Z., Xu, Z., Wang, H.: Whispers in the hyper-space: high-speed covert channel attacks in the cloud. In: USENIX Security (2012)
45. Yamanouchi, T.: GPU Gems 3, chapter AES Encryption and Decryption on the GPU (2007)
46. Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-VM side channels and their use to extract private keys. In: CCS'12 (2012)
Acknowledgments
We wish to thank NVIDIA for the donation of a Tesla K20 card. We would also like to thank the Nouveau development team, and especially Martin Peres, for sharing their knowledge and their massive effort of reverse-engineering on NVIDIA GPUs.
© 2014 International Financial Cryptography Association
Maurice, C., Neumann, C., Heen, O., Francillon, A. (2014). Confidentiality Issues on a GPU in a Virtualized Environment. In: Christin, N., Safavi-Naini, R. (eds) Financial Cryptography and Data Security. FC 2014. Lecture Notes in Computer Science, vol 8437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45472-5_9
DOI: https://doi.org/10.1007/978-3-662-45472-5_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45471-8
Online ISBN: 978-3-662-45472-5
eBook Packages: Computer Science (R0)