480 likes | 491 Views
Learn the basics of CUDA programming and advanced computer architecture in this comprehensive course. Determine if this course is right for you, understand the prerequisites and what is expected of you. Explore modern processor design and security attacks. Dive into Intel's Sandy Bridge architecture, Meltdown and Spectre attacks, and Moin Qureshi's paper on mitigating cache attacks. Discover the architecture of Intel's Sandy Bridge chip and understand its core architecture and memory access units. Gain insights into Meltdown and Spectre attacks and learn how to check if an address is cached. Study the concepts of flush+reload, exception handling, and branch prediction exploitation. Finally, explore the CEASER technique for mitigating conflict-based cache attacks through encrypted address and remapping.
E N D
Introduction to CUDA Programming Advanced Computer Architecture Andreas Moshovos Winter 2019 Introduction
Goals for Today • Should you take the course? • What should you know • What is expected of you • What you will get out of it
Should you take the course • What should you know? • I’ll let you decide on your own • To help you: • Overview modern processor design • Through reviewing modern security attacks • And to make it worthwhile for everyone • Through reviewing a recent excellent work on mitigating them
Material for today • Intel Sandy Bridge overview • Older design but Intel is using the same microarchitecture with “minor” tweaks as far as our discussion is concerned • Meltdown and Spectre attacks • Got to really understand micro-architecture to “get it” • Moin Qureshi’s: CEASER: Mitigating Conflict-Based Cache Attacks via Encrypted-Address and Remapping. MICRO 2018: 775-787, best paper award
Chip Architecture • 32nm
Memory Access Units L1 load to use latency is 4 cycles Banked to support multiple accesses Poor man’s multiporting? L2 load to use latency is 12 cycles
L3 and ring interconnect • CPUs, GPU and system agent • Communicate via a ring • Each CPU has an 2MB 8-way SA L3 slice • Static hash of addresses to slices • Latency varies: which core to which slice • 26-31 cycles • Max bandwidth: 435.2GB/s at 3.4Ghz
Isolation • User vs. kernel space isolation • Privilege bit • Kernel space mapped onto user space
Overview of attack • Exploit speculative execution • To temporarily load protected data into a register • Use value to cause micro-architectural state change which persists
Flush+Reload • Clflush instruction • Flush any cache line that contains a specific address • Works for shared addresses • Think code that is shared among two processes • Paper shows how to use that to read the secret key by detecting the order in which code functions are called
Exception • E.g., divide by zero or access illegal address • Suppression vs. Handling • Handling: • fork prior to exception • Suppression: • Use Transactional Memory handling • Branch prediction exploitation (Spectre)
Example • Line 4: attempt to read the secret address [rcx] into register al • this will raise a protection exception but the CPU will still do it as part of speculative execution the exception will be handled when the mov tries to RETIRE (Commit) • SHL by 12 multiplies the AL values by 4K the page size • The mov RBX will try to read a page at a distance based on the AL value. • This is a race, may or may not happen. • Step 2: the attacker times accesses to all 256 pages.
Goal • LLC is shared • LLC contains micro-architectural state • Using side-channel attacks a process can read values from another process through this side-channel • TO do so the attacker needs to know how addresses are mapped onto the LLC • CEASER: per process mapping which changes frequently
CEASER: Mitigating Conflict-Based Attacks via Encrypted-Address and Remapping MICRO-2018 Moinuddin Qureshi
Background: Resource Sharing Modern systems share LLC for improving resource utilization B LLC CORE CORE Sharing the LLC allows system to dynamically allocate LLC capacity
Conflict-Based Cache Attacks Co-running spy can infer access pattern of victim by causing cache conflicts V B B A Miss for B Victim Accessed Set LLC CORE (Spy) CORE (Victim) Conflicts leak access pattern, used to infer secret [AES – Bernstein’05]
Prior Solutions Table-Based Randomization Way Partitioning RPCache[ISCA’07], NewCache[MICRO’08] NoMo [TACO’12], CATalyst [HPCA’16] Mapping Table (MT) Inefficient use of cache space Mapping Table large for LLC (MBs) OS support needed to protect Table Not scalable to many core
Our Goal • Protect the LLC from conflict-based attacks, while incurring • Negligible storage overhead • Negligible performance overhead • No OS support • No restriction on capacity sharing • Localized Implementation
Outline • Why? • CEASE • CEASER • Effective?
CEASE: Cache using Encrypted Address Space Insight: Don’t memorize the random mapping, compute it Key Key Encrypt xCAFE0000 Decrypt Physical Line Address (PLA) 0xa17b20cf (ELA) LLC Dirty Evict ELA CEASE Localized change (ELA visible only within the cache) Cache operations (access, coherence, prefetch) all remain unchanged
Randomization via Encryption Lines that mapped to the same set, get scattered to different sets B’’ A’ B A’’ A Key Key B’ Encrypt Encrypt LLC LLC LLC Mapping depends on the key, different machines have different keys CEASE CEASE
Encryption: Need Fast, Small-Width Cipher Block Cipher B B PlainText CipherText PLA is ~40 bits (up-to 64TB memory) • Small-width Ciphers deemed insecure: • Brute-force attack on key • Memorize all input-output pairs Insight: ELA not visible to attacker (okay to use 40-bit block cipher) Larger tag (80+ bits) Latency of 10+ cycles
Low-Latency Block Cipher (LLBC) Four-Stage Feistel-Network (with Substitution-Permutation Network) *inspired by DES and BlowFish Encryption LLBC incurs a delay of 24 XOR gates (approximately 2-cycle latency)
Outline • Why? • CEASE • CEASER • Effective?
Let’s Break CEASE … [Liu et al. S&P, 2015] Form pattern such that cache has a conflict miss D Remove one line from pattern & check conflict B E Conflict Miss? Yes C A No LLC Removed line MAPS to conflicting set Removed line NOT in conflicting set Attacker can break CEASE within 22 seconds (8MB LLC)
CEASER: CEASE with Remapping Split time into Epoch of N accesses (change Key every Epoch) Key Key Key CACHE BULK time EPOCH CurrKey CurrKey CurrKey NextKey NextKey NextKey GRADUAL CEASER uses gradual remapping to periodically change the keys
CEASER: CEASE with Remapping Remap-Rate of 1 % Remap W-way set after (100*W) accesses SetPtr X1 A1 A0 B0 B1 X0 Access=400 Epoch=0 Access=800 Epoch=0 Access=600 Epoch=0 Access=200 Epoch=0 Access=0 Epoch=0 Access=0 Epoch=1 Y0 Y1 CurrKey CurrKey Z0 Z1 NextKey NextKey Cache Access: If (Set[CurrKey] < Sptr) Use NextKey CEASER with gradual remap needs negligible hardware (one bit per line)
Outline • Why? • CEASE • CEASER • Effective?
Security Analysis Time to learn “Eviction Set” for one set (vulnerability removed after remap, <1ms) Limits impact on missrate, energy, accesses to ~1% CEASER can tolerate years of attack (Even with remap-rate of 1%)
Performance and Storage Overheads 8 cores with 8MB LLC 16-way (34 workloads, SPEC + Graph) Norm Performance (%) Rate-34 Mix-100 ALL-134 CEASER incurs negligible slowdown (~1% ) and storage overheads (24 bytes)
Summary Need practical solution to protect LLC from conflict-based attacks Robust to attacks (years) Key1 Key2 Negligible slowdown (~ 1%) Encrypt Line Address Negligible storage (24 bytes) Cache Localized change (within cache) Change Key, Periodically Appealing for Industrial Adoption No OS support needed
On average we will meet once per week • I will be traveling at times and I will be making up for the time “lost” by holding two lectures for some weeks • What I expect you to do • Reading assignments per week • Questionnaires to be handed in at the beginning of class • Homeworks • Programming assignments • Project • Validate some prior work • Do something new • Maybe present papers (we will see)