web-logs2 / jinzhao-disk-2

This project forked from stanplatinum/jinzhao-disk

Jinzhao Disk (JinDisk) is a log-structured secure block device for TEEs. This repo is JinDisk's Linux version.

License: Other

Shell 0.16% C 95.11% Rust 4.46% Makefile 0.27%

jinzhao-disk-2's Introduction

Jinzhao Disk

Introduction

Jinzhao Disk (or JinDisk) is a log-structured secure block device for TEEs, which has the following key features:

  • Transparent protection. As a block device, JinDisk can transparently protect any file system (e.g., Ext4) that is stacked upon it and runs inside a TEE from a strong adversary outside the TEE.

  • Strong security. JinDisk promises six security properties: confidentiality, integrity, freshness, consistency, atomicity, and anonymity. For more information, see the security goal below.

  • High performance. Thanks to its unique log-structured design, JinDisk can deliver excellent I/O performance that is close to the theoretically optimal level.

Security Goal

JinDisk targets a typical setting of TEE usage, where applications are ported into the TEE with no (or few) modifications thanks to a TEE-aware runtime. For enclave TEEs (e.g., Intel SGX), one popular choice for such a runtime is library OSes (e.g., Occlum). For VM TEEs (e.g., AMD SEV), one can choose off-the-shelf OS kernels like Linux.

The threat model of JinDisk.

As shown in the image above, the TEE runtime is integrated with JinDisk, which serves as a trusted logical block device that supports four standard block I/O commands including read(), write(), flush(), and trim(). From the perspective of JinDisk's users (e.g., file systems), all data written to or read from JinDisk is in plaintext. To serve these I/O requests securely, JinDisk takes some extra security measures, including but not limited to encrypting/decrypting the data transferred to/from the host block device properly.

To distinguish between the addresses on the trusted logical block device (i.e., JinDisk) and those on the untrusted host block device, we call the former logical block addresses (LBAs) and the latter host block addresses (HBAs).

The security goal of JinDisk is to provide to its users (e.g., file systems) the following six security guarantees:

  • Confidentiality guarantees that the user data submitted by any write is not leaked and thus prevents tampering attacks.
  • Integrity promises that the user data returned from any read are genuinely generated by the user and thus prevents snooping attacks.
  • Freshness ensures that the user data returned from any read are up-to-date and thus prevents rollback attacks.
  • Consistency ensures that all the security guarantees hold despite any accidental crashes or crashing attacks.
  • Atomicity promises that all writes before a flush are persisted in an all-or-nothing manner.
  • Anonymity avoids LBA leakage in the sense that the adversary cannot learn LBAs from the on-disk data structures directly or infer LBAs from HBAs.

Prior disk I/O protection solutions only provide a subset of JinDisk's security guarantees. For example, Linux's dm-crypt and dm-integrity only protect confidentiality and integrity, respectively. Although Linux's dm-verity ensures both integrity and freshness, it is read-only. As another example, Intel SGX Protected File System Library protects confidentiality, integrity, freshness, and consistency, but falls short of atomicity and anonymity.
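To make the gap between integrity and freshness concrete, the following Python model is an added example, not JinDisk's code or design. The host disk is a dict, a per-block HMAC stands in for integrity protection, and a tag table assumed to live in trusted memory stands in for freshness protection; all class and function names are hypothetical, and encryption is omitted.

```python
import hashlib, hmac, os

class MacOnlyDevice:
    """Integrity only: every block stored on the host carries an HMAC."""
    def __init__(self, host, key):
        self.host, self.key = host, key   # host: dict modelling the untrusted disk

    def _tag(self, lba, data):
        return hmac.new(self.key, lba.to_bytes(8, "little") + data,
                        hashlib.sha256).digest()

    def write(self, lba, data):
        self.host[lba] = (data, self._tag(lba, data))

    def read(self, lba):
        data, tag = self.host[lba]
        if not hmac.compare_digest(tag, self._tag(lba, data)):
            raise IOError("integrity violation")
        return data

class FreshDevice(MacOnlyDevice):
    """Integrity + freshness: the newest tag per LBA stays in trusted memory."""
    def __init__(self, host, key):
        super().__init__(host, key)
        self.trusted = {}                 # assumed to live inside the TEE
    def write(self, lba, data):
        super().write(lba, data)
        self.trusted[lba] = self.host[lba][1]
    def read(self, lba):
        data = super().read(lba)
        if not hmac.compare_digest(self.host[lba][1], self.trusted[lba]):
            raise IOError("stale block (rollback)")
        return data

def attack_outcome(device_cls, attack):
    """Write v1 then v2 to LBA 7, apply a host-side attack, then read."""
    host = {}
    dev = device_cls(host, os.urandom(32))
    dev.write(7, b"v1")
    snapshot = host[7]                    # adversary copies the old block
    dev.write(7, b"v2")
    if attack == "tamper":
        host[7] = (b"vX", host[7][1])     # modify data, keep the tag
    elif attack == "rollback":
        host[7] = snapshot                # replay the old, validly tagged block
    try:
        return dev.read(7)
    except IOError as err:
        return str(err)
```

Both devices reject the tampered block, but only the one with trusted state rejects the replayed block; the MAC-only device returns the stale `v1` as if it were current.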

Implementations

As of this moment, JinDisk has two implementations.

Both implementations are being developed actively. They are ready for technical preview, but still lack some production-grade features.

Our long-term plan is to ultimately merge the two implementations into one unified Rust implementation that can be integrated with Linux, Occlum, and probably other OSes as well. We will submit patches to the Linux community so that JinDisk may eventually be included in mainline Linux.

For more information about the design of JinDisk, see the paper.

How to Use

The repository contains the Linux version of JinDisk, which consists of two parts:

  • kernel-module is the kernel-space component of JinDisk, a Linux device mapper target that implements the log-structured secure block device.

  • user-cli is the user-space component of JinDisk, which includes a set of tools used to set up JinDisk-enabled virtual disks conveniently.

License

Except where noted otherwise, the individual files within this package are licensed under the 3-Clause BSD license. However, when linked together to form a Linux kernel module, the resulting Linux kernel module is dual licensed as BSD/GPLv2.

jinzhao-disk-2's People

Contributors

stanplatinum, cqs21, tatetian
