基于边界检测的安全数据预取方案  

作　　者：吝常青 田鑫 侯锐 孟丹[1] LIN Changqing;TIAN Xin;HOU Rui;MENG Dan(Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China;School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China)

机构地区：[1]中国科学院信息工程研究所,中国北京100093 [2]中国科学院大学网络空间安全学院,中国北京100049

出　　处：《信息安全学报》2022年第1期114-125,共12页Journal of Cyber Security

基　　金：中国科学院战略性先导科技专项(No.XDC02010200)资助。

摘　　要：为了不断提升微处理器的性能,现代微处理器当中包含了越来越多用于性能优化的部件,比如高速缓存,分支预测器,数据预取器等,这些性能优化部件在给微处理器带来可观的性能提升的同时,也引入了一定的安全隐患。比如高速缓存引入的侧信道,分支预测引入的“幽灵”漏洞等等,与上述两个性能优化部件类似,数据预取也存在安全隐患,然而却未引起足够的重视。数据预取的根本目的在于提升高速缓存命中率,主要通过观察程序的访存行为规律提前将所需的数据加载到高速缓存当中,是现今高性能微处理器当中重要的微处理器性能优化技术。近来有研究表明,数据预取会引入侧信道,造成信息泄露,对微处理器的整体安全性造成了一定的威胁,然而目前却鲜有关于如何对数据预取安全缺陷进行防御的相关研究。性能优化部件之所以引入安全风险的根本在于其具有推测性,当推测的处理器行为与实际的行为不符时,便会在处理器内部遗留下“脏数据”,这些“脏数据”有可能来自于越权或者越界访问。本文重点分析了硬件数据预取目前面临的安全风险及其产生原因,提出了安全的数据预取行为规范,在开源处理器BOOM(Berkeley Out of Order Machine)上实现了基于指令指针(instruction pointer)的步距预取器,同时依据上述安全的数据预取行为规范,实现了具有边界检测功能的安全数据预取系统,最后对其安全性和性能开销进行了简要评估。In order to continuously improve the performance of microprocessors,modern microprocessors contain more and more components for performance optimization,such as caches,branch predictors,data prefetchers,etc.,these per-formance optimization components speed up the microprocessor’s performance.At the same time of considerable perfor-mance improvement,certain security risks have been introduced also.For example,side channels introduced by cache,"spectre"vulnerabilities introduced by branch prediction,etc.,similar to the above two performance optimization compo-nents,data prefetching also has security risks,but haven’t attracted enough attention yet.The fundamental purpose of data prefetching is to increase the cache hit rate.It is mainly used to load the required data into the cache in advance by ob-serving the memory access rules of the program.It is an important microprocessor performance optimization technology among today's high-performance microprocessors.Recent studies have shown that data prefetching will introduce side channels,causing information leakage,and posing a certain threat to the overall security of microprocessors.However,there are currently few related studies on how to defend against security flaws in data prefetching.The fundamental reason why performance optimization components introduce security risks is that they are speculative.When the speculative pro-cessor behavior does not match the actual behavior,“dirty data”will be left in the processor.These“dirty data”may come from out of bounds access or unauthorized access.This article focuses on analyzing the current security risks faced by hardware data prefetching and their causes,and proposes a safe data prefetching code of conduct,and implements an in-struction pointer based on the open-source processor BOOM(Berkeley Out of Order Machine).At the same time,accord-ing to the above-mentioned safe data prefetching behavior specification,a secure data prefetching system with boundary detection function is realized.Finally,a brief eval

关 键 词：数据预取器 Cache侧信道攻击 信息泄露 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]