| Title | : | Microarchitectural Extensions for Meltdown Safe Memory Protection in Multi-Threaded Applications |
| Speaker | : | Krishnakumar Gnanambikai (IITM) |
| Details | : | Tue, 25 Jun, 2019 3:00 PM @ A M Turing Hall |
| Abstract: | : | Illegal use of memory pointers is a serious security vulnerability. A large number of malware exploit the spatial and temporal nature of these vulnerabilities to subvert execution or glean sensitive data from an application. Recent countermeasures attach metadata to memory pointers, which define the pointer's capabilities. The metadata is used by the hardware to validate pointer-based memory accesses. However, the recent works have considerable overheads. Further, the pointer validation is decoupled from the actual memory access. We show that this could open up vulnerabilities in multi-threaded applications and introduce new vulnerabilities due to speculation in out-of-order processors.
In this talk, we demonstrate that the overheads can be reduced considerably by efficient metadata management. We show that the hardware can be designed in a manner that would remain safe in multi-threaded applications and immune to speculative vulnerabilities like Meltdown. We achieve these by ensuring that the pointer validations and the corresponding memory access is always done atomically and in-order. To evaluate our scheme, which we call ALEXIA, we enhance an OpenRISC processor to perform the memory validation at run time and add compiler support in LLVM. ALEXIA is the first hardware countermeasure scheme for memory protection that provides such an end-to-end solution. We evaluate the processor on Altera and Xilinx FPGAs and show that the run time overheads, on average, is 14%, with negligible impact on the processor's size and clock frequency. There is also negligible impact on the program's code and data sizes. |
