MuonTrap: Preventing Cross-Domain Spectre-Like Attacks by Capturing Speculative State

Sam Ainsworth, Timothy M Jones

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

The disclosure of the Spectre speculative-execution attacks in January 2018 has left a severe vulnerability that systems are still struggling with how to patch. The solutions that currently exist tend to have incomplete coverage, perform badly, or have highly undesirable performance edge cases. MuonTrap allows processors to continue to speculate, avoiding significant reductions in performance, without impacting security. We instead prevent the propagation of any state based on speculative execution, by placing the results of speculative cache accesses into a small, fast L0 filter cache, that is non-inclusive, non-exclusive with the rest of the cache hierarchy. This isolates all parts of the system that can't be quickly cleared on any change in threat domain. MuonTrap uses these speculative filter caches, which are cleared on context and protection-domain switches, along with a series of extensions to the cache coherence protocol and prefetcher. This renders systems immune to cross-domain information leakage via Spectre and a host of similar attacks based on speculative execution, with low performance impact and few changes to the CPU design.
Original languageEnglish
Title of host publication2020 ACM/IEEE 47th Annual International Symposium on Computer Architecture (ISCA)
PublisherInstitute of Electrical and Electronics Engineers
Pages132-144
Number of pages13
ISBN (Electronic)978-1-7281-4661-4
ISBN (Print)978-1-7281-4662-1
DOIs
Publication statusPublished - 13 Jul 2020
EventThe 47th International Symposium on Computer Architecture - Valencia, Spain
Duration: 30 May 20203 Jun 2020
Conference number: 47
https://iscaconf.org/isca2020/

Symposium

SymposiumThe 47th International Symposium on Computer Architecture
Abbreviated titleISCA 2020
Country/TerritorySpain
CityValencia
Period30/05/203/06/20
Internet address

Keywords / Materials (for Non-textual outputs)

  • Microarchitecture
  • Hardware Security
  • Speculative Execution
  • Spectre

Fingerprint

Dive into the research topics of 'MuonTrap: Preventing Cross-Domain Spectre-Like Attacks by Capturing Speculative State'. Together they form a unique fingerprint.

Cite this