The course teaches how to efficiently mitigate transient execution attacks using the Unmapped Speculation Contract. The learning outcomes include understanding the performance penalties of current mitigations, implementing the unmapped speculation contract, and redesigning the kernel to leverage this contract. The course covers skills such as splitting the kernel, utilizing USC, redesigning the kernel to avoid switches, and implementing memory allocation without world switches. The teaching method involves presenting a new kernel design called Ward and evaluating its performance improvements. The intended audience for this course includes software developers, kernel engineers, and cybersecurity professionals interested in mitigating transient execution attacks efficiently.
Efficiently Mitigating Transient Execution Attacks Using the Unmapped Speculation Contract
Overview
Syllabus
Intro
Transient execution attacks risk leaking information Linux maintains security using software mitigations
Software mitigations are expensive
Goal: faster mitigations
Transient execution attack example
Typical mitigation approach
Ward has a different approach
Our observation: Unmapped Speculation Contract (USC)
USC is a good hardware-software contract
Split kernel to leverage USC
Syscalls start executing in the Q-domain
World switches use two stacks
Redesigning the kernel to avoid switches
Allocating memory without world switches
Implementation
Ward does better on LEBench
Related Work: Spectrum of defenses
Open question: what is the best way to mitigate attacks?
Conclusion
Taught by
USENIX
