Modern operating systems manage and abstract hardware resources to ensure efficient execution of user workloads. The operating system must securely interface with often untrusted user code while relying on hardware that is assumed to be trustworthy. In this paper, we challenge this trust by introducing the eNVMe platform, a malicious NVMe storage device. The eNVMe platform features a novel, Linux-based, open-source NVMe firmware. It embeds hacking tools and is compatible with a variety of PCI-enabled hardware. Using this platform, we uncover several attack vectors in Linux and Windows, highlighting the risks posed by malicious NVMe devices. We discuss available mitigation techniques and consider open-source firmware and open hardware as a viable way forward for storage. While prior research has examined compromised existing hardware, our eNVMe platform provides a novel and unique tool for security researchers, enabling deeper exploration of vulnerabilities in operating system storage subsystems.