You Shall Not Bypass: Employing data dependencies to prevent Bounds Check Bypass
This addresses a critical security problem for software developers and users by mitigating microarchitectural attacks with reduced performance impact, though it is incremental over existing solutions.
The paper tackles the Bounds Check Bypass vulnerability in Spectre attacks by proposing methods to delay vulnerable instructions without full serialization, achieving a 60% overhead compared to 440% for serialization.
A recent discovery of a new class of microarchitectural attacks called Spectre picked up the attention of the security community as these attacks can circumvent many traditional mechanisms of defense. One of the attacks---Bounds Check Bypass---can neither be efficiently solved on system nor architectural levels and requires changes in the application itself. So far, the proposed mitigations involved serialization, which reduces the usage of CPU resources and causes high overheads. In this report, we explore methods of delaying the vulnerable instructions without complete serialization. We discuss several ways of achieving it and compare them with Speculative Load Hardening, an existing solution based on a similar idea. The solutions of this type cause 60% overhead across Phoenix benchmark suite, which compares favorably to the full serialization causing 440% slowdown.