Ceviche: Capability-Enhanced Virtualization of Caches
Event Actions
Ceviche: Capability-Enhanced Virtualization of Caches
Abstract:
Sharing of physical hardware resources invariably leads to the creation of covert and side-channels wherein the attacker's thread of execution covertly examines execution of the victim thread and/or steal private information. For example, in modern processors, private L1 and L2 caches may be shared between two or more logical cores and the LLC is shared between two or more physical cores. Cache lookups are address dependent, so any presence or absence of data in the caches can leak sensitive program information.
We propose Ceviche, a novel hardware virtualization strategy that enables secure allocation and sharing of cache resources between threads that belong to different trust domains. In order to achieve this, the address and domain ID pair gets translated to a capability that encodes the cache line number and the set of operations allowed on the cache line. As a result, Ceviche can achieve fine-grained partitioning of the cache, enforcing confidentiality, availability and fairness guarantees, while at the same time maximizing cache utilization.
Ceviche offers protection at all levels of the cache hierarchy after incurring a performance penalty of 4.7% when compared to an insecure baseline, while outperforming a partitioning-based secure baseline by 14.8%.
Committee:
- Adwait Jog, Committee Chair (CS/SEAS/UVA)
- Ashish Venkat, Advisor (CS/SEAS/UVA)
- Jack Davidson (CS/SEAS/UVA)
- Chang Lou (CS/SEAS/UVA)