Architectural Support for Software-Defined Metadata Processing
Udit Dhawan,
Catalin Hritcu,
Nikos Vasilakis,
Raphael Rubin,
Silviu Chiricescu,
Jonathan M. Smith,
Thomas F. Knight, Jr.,
Benjamin C. Pierce, and
André DeHon
Proceedings of the International Conference on Architectural
Support for Programming Languages and Operating Systems,
pp. 487--502, (March 14--18, 2015)
Hardware for propagating and checking software-programmable metadata
tags can achieve low runtime overhead when carefully implemented. We
generalize prior work on hardware tagging by considering a generic
architecture that supports software-defined policies over metadata of
arbitrary size and complexity; we introduce several novel
microarchitectural optimizations that keep the overhead of this rich
processing low. Our model thus achieves the efficiency of previous
hardware-based approaches with the flexibility of the software-based
ones. We demonstrate this by using it to enforce four diverse safety
and security policies---spatial and temporal memory safety, taint
tracking, control-flow integrity, and code and data separation---plus
a composite policy that enforces all of them simultaneously. Experiments on
SPEC CPU2006 benchmarks show modest impact on runtime (typically under
10%) and power ceiling (less than 10%), in return for some
increase in energy usage (typically under 60%) and area for
on-chip memory structures (110%).
© 2014 held by authors; Publication rights licensed to ACM.
|
