Overview
Explore the critical security vulnerabilities exposed by Meltdown and Spectre attacks and their impact on modern CPU architecture in this Strange Loop Conference talk. Delve into the fundamental design flaws of out-of-order (OOO) scheduling and speculative execution in most commercial CPUs, and understand how these attacks can compromise system security by reading any memory location. Learn about the performance costs associated with mitigating these vulnerabilities and the inherent immunity of in-order (IO) architectures. Discover the unique approach of the Mill architecture, which aims to provide OOO performance with IO power efficiency while maintaining immunity to Meltdown and Spectre. Gain insights into the security challenges faced by modern processors, the trade-offs between performance and security, and potential solutions for future CPU designs. The talk covers topics such as branch prediction, cache pollution, memory hierarchy, load operations, and speculation comparisons, providing a comprehensive overview of the complex interplay between CPU architecture and security.
Syllabus
Number fourteen of a series
Dramatis personae
The plot
To steal a secret...
Access vs. Exfiltration
Speculative execution
How to drive a branch predictor
Our story so far
On caches and cache pollution
Meanwhile, back at the Lair
Some details
Mitigation
Memory hierarchy from 40,000 ft.
The load problem
Mill "deferred loads"
Reordering constraints
What if speculation gets in trouble?
(Non-)speculable operations
Speculation compared
The Mill protection model
Credits
Disclaimer
Taught by
Strange Loop Conference