Recent work has revealed MOLE, the first practical attack to compromise GPU Trusted Execution Environments (TEEs), by injecting malicious firmware into the embedded Microcontroller Unit (MCU) of Arm Mali GPUs. By exploiting the absence of cryptographic verification during initialization, adversaries with kernel privileges can bypass memory protections, exfiltrate sensitive data at over 40 MB/s, and tamper with inference results, all with negligible runtime overhead. This attack surface affects commodity mobile SoCs and cloud accelerators, exposing a critical firmware-level trust gap in existing GPU TEE designs. To address this gap, this paper presents FAARM, a lightweight Firmware Attestation and Authentication framework that prevents MOLE-style firmware subversion. FAARM integrates digital signature verification at the EL3 secure monitor using vendor-signed firmware bundles and an on-device public key anchor. At boot, EL3 verifies firmware integrity and authenticity, enforces version checks, and locks the firmware region, eliminating both pre-verification and time-of-check-to-time-of-use (TOCTOU) attack vectors. We implement FAARM as a software-only prototype on a Mali GPU testbed, using a Google Colab-based emulation framework that models the firmware signing process, the EL1 to EL3 load path, and secure memory configuration. FAARM reliably detects and blocks malicious firmware injections, rejecting tampered images before use and denying overwrite attempts after attestation. Firmware verification incurs only 1.34 ms latency on average, demonstrating that strong security can be achieved with negligible overhead. FAARM thus closes a fundamental gap in shim-based GPU TEEs, providing a practical, deployable defense that raises the security baseline for both mobile and cloud GPU deployments.
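A minimal model of the boot-time flow described above (signature check, version check, region lock), added here as an illustration; it is not FAARM's own code. Textbook RSA with a constructed toy key stands in for the vendor's signature scheme, and `SecureMonitor`, the bundle layout, the minimum-version policy and the return codes are assumptions.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes: a stand-in for the
# vendor signature scheme, far too small for real use.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q                            # public modulus: the on-device key anchor
D = pow(E, -1, (P - 1) * (Q - 1))    # vendor private exponent, never on the device

def digest(version, image):
    """Hash version and image together so neither can be swapped independently."""
    h = hashlib.sha256(version.to_bytes(4, "big") + bytes(image)).digest()
    return int.from_bytes(h, "big") % N

def vendor_sign(version, image):
    """Vendor side: produce a signed firmware bundle (hypothetical layout)."""
    return {"version": version, "image": image, "sig": pow(digest(version, image), D, N)}

class SecureMonitor:
    """Hypothetical model of the EL3 checks; names and return codes are assumptions."""
    def __init__(self, min_version):
        self.min_version, self.region, self.locked = min_version, None, False

    def load_firmware(self, bundle):
        if self.locked:
            return "DENIED_LOCKED"
        # Snapshot the EL1-supplied buffer first, then verify and install only
        # the snapshot, so a later EL1 write cannot change what was checked.
        version, image, sig = bundle["version"], bytes(bundle["image"]), bundle["sig"]
        if pow(sig, E, N) != digest(version, image):
            return "REJECT_SIGNATURE"
        if version < self.min_version:
            return "REJECT_VERSION"
        self.region, self.min_version, self.locked = image, version, True
        return "OK_LOCKED"

def run_demo():
    good = vendor_sign(2, bytearray(b"mali-mcu-fw v2 (constructed sample)"))
    old = vendor_sign(1, bytearray(b"mali-mcu-fw v1 (constructed sample)"))
    tampered = dict(good, image=bytearray(b"implant") + good["image"])
    results = [SecureMonitor(2).load_firmware(tampered),
               SecureMonitor(2).load_firmware(old)]
    mon = SecureMonitor(2)
    results.append(mon.load_firmware(good))
    good["image"][0] ^= 0xFF                     # EL1 flips a byte after verification
    results.append(mon.region == b"mali-mcu-fw v2 (constructed sample)")
    results.append(mon.load_firmware(tampered))  # overwrite attempt after lock
    return results

if __name__ == "__main__":
    print(run_demo())
```

The signature is checked before the version field is trusted, and the version is covered by the signed digest, so an attacker cannot relabel an old signed image as current.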