The Linux kernel is widely adopted in modern embedded systems, powering everything from industrial devices to smartphones by providing essential functionality such as memory management. Because the kernel is open source and extensible, its drivers, which are highly heterogeneous and complex, have become prime targets for attackers. Existing protection mechanisms can enhance security, but they often require rearchitecting the driver, fail to enforce memory access isolation between multiple drivers, and impose significant performance overhead. To address these challenges, this paper proposes TMZone, a trusted memory pool for Linux kernel drivers built on ARM TrustZone. TMZone provides secure isolation, dynamic accessibility, low invasiveness, and high compatibility without altering the original driver program. By extending memory operations and leveraging page table-based access control within Trusted Firmware, along with encryption and data integrity verification, TMZone effectively ensures the confidentiality and integrity of driver data. Experimental results show that TMZone introduces less than 6% performance overhead on ARM Mali GPU drivers, demonstrating its practical feasibility and potential for broad deployment.