Heckler

Breaking Confidential VMs with Malicious Interrupts
(USENIX Security 2024)
https://ahoi-attacks.github.io/heckler/

Getting Started

Build host and guest kernel as well as VMM in a docker container.

# On your Host
cd ./docker
./docker-build.sh
./docker-run.sh

# In the container
$ ./build.sh --package

This builds host and guest kernel, qemu and ovmf for your host machine. On succesful build, the binaries will be available in heckler-snp-release-<DATE>.

# On your Host
cd heckler-snp-release-<DATE>
sudo ./install.sh

Prepare Host

Follow up on Prepare Host to set up your host for SEV-SNP. We recommend the following additional kernel arguments.

GRUB_CMDLINE_LINUX_DEFAULT="transparent_hugepage=never rcupdate.rcu_cpu_stall_suppress=1 nmi_watchdog=0"

We ran our experiments on an AMD 4th gen EPYC 9124 16-Core Processor. However, any other AMD SEV SNP capable processor should work as well.

VM Image

Create an Ubuntu 22.04/23.10 image in qcow2 format. See ./run.sh script.

Attack

Companion Repositories:

heckler-kernel (./linux/{guest|host}): Kernel code for gadget profiling
heckler-qemu (./qemu): Compatible qemu version
heckler-ovmf (./edk2): Compatible ovmf version

These repositories are downloaded during project build.

CVEs

About

Breaking Confidential VMs with Malicious Interrupts (USENIX Security 2024)

https://ahoi-attacks.github.io/heckler/

Other

Languages

Language:Python 48.7%Language:C 27.7%Language:Shell 17.9%Language:Makefile 3.2%Language:Dockerfile 1.6%Language:Assembly 0.9%