A Case for Exposing Extra-Architectural State in the ISA

Paper on ACM DL Local Download Presentation (PDF)

Abstract

The recent Meltdown and Spectre attacks took the community by surprise. Rather than exploiting an incorrect implementation of the ISA, these attacks leverage the undocumented implementation-specific speculation behavior of high-performance microarchitectures to affect the extra-architectural state of the machine (e.g., caches).

Inspired by these novel speculation-based attacks, we argue it is time to rethink the traditional ISA layers. Programmers and security professionals need a framework to reason about the effects of speculation and other microarchitectural performance optimizations. We propose judiciously extending the ISA to include the extra-architectural state so that an ISA implementation either completely squashes all system state changes caused by mis-speculated instructions or the potential changes are rigorously documented. We hope this new framework will give architects and security researchers tools to reduce the likelihood of future surprise vulnerabilities.

Jason Lowe-Power, Venkatesh Akella, Matthew K. Farrens, Samuel T. King, and Christopher J. Nitta. 2018. Position Paper: A case for exposing extra-architectural state in the ISA. In Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy (HASP ‘18). ACM, New York, NY, USA, Article 8, 6 pages. DOI: https://doi.org/10.1145/3214292.3214300

@inproceedings{exposing-ea:Lowe-Power:2018,
    author = {Lowe-Power, Jason and Akella, Venkatesh and Farrens, Matthew K. and King, Samuel T. and Nitta, Christopher J.},
    title = {Position Paper: A Case for Exposing Extra-architectural State in the ISA},
    booktitle = {Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy},
    series = {HASP '18},
    year = {2018},
    isbn = {978-1-4503-6500-0},
    location = {Los Angeles, California},
    pages = {8:1--8:6},
    articleno = {8},
    numpages = {6},
    url = {http://doi.acm.org/10.1145/3214292.3214300},
    doi = {10.1145/3214292.3214300},
    acmid = {3214300},
    publisher = {ACM},
    address = {New York, NY, USA},
} 

Updated: