BasicBlocker: Redesigning ISAs to Eliminate Speculative-Execution Attacks
share
Recent research has revealed an ever-growing class of microarchitectural attacks that exploit speculative execution, a standard feature in modern processors. Proposed and deployed countermeasures involve a variety of compiler updates, firmware updates, and hardware updates. None of the deployed countermeasures have convincing security arguments, and many of them have already been broken. The obvious way to simplify the analysis of speculative-execution attacks is to eliminate speculative execution. This is normally dismissed as being unacceptably expensive, but the underlying cost analyses consider only software written for current instruction-set architectures, so they do not rule out the possibility of a new instruction-set architecture providing acceptable performance without speculative execution. A new ISA requires compiler updates and hardware updates, but those are happening in any case. This paper introduces BasicBlocker, a generic ISA modification that works for all common ISAs and that removes most of the performance benefit of speculative execution. To demonstrate feasibility of BasicBlocker, this paper defines a BBRISC-V variant of the RISC-V ISA, reports implementations of a BBRISC-V soft core and an associated compiler, and presents a performance comparison for a variety of benchmark programs.
READ FULL TEXT