RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas

Size: px
Start display at page:

Download "RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas"

Transcription

1 RISCV with Sanctum Enclaves Victor Costan, Ilia Lebedev, Srini Devadas

2 Today, privilege implies trust (1/3) If computing remotely, what is the TCB? Priviledge CPU HW Hypervisor trusted computing base OS OS Process Process Process Process boundary VM boundary 2

3 Today, privilege implies trust (2/3) If computing remotely, what is the TCB? Priviledge??? LOC 150 KLOC CPU HW Hypervisor trusted computing base 12,000 KLOC OS OS Sanctum decouples HW protection from trust! Process Process Process Process boundary VM boundary 3

4 Today, privilege implies trust (3/3) Side channels leak privacy Sanctum uses hardware-assisted isolation Priviledge OS CPU HW Hypervisor OS Strong privacy & integrity with low overhead Process Process Process Process boundary VM boundary 4

5 Remote Software Attestation (1 /2) Trusted HW Diffie Hellman Software Ecosystem Measures (hash) and Signs Remote user App Trusted HW creates proof for remote user 5

6 Remote Software Attestation (2 /2) Trusted HW Diffie Hellman Software Ecosystem Measures (hash) and Signs Remote user Private data App Private result Remote user decides whether or not to trust certificate 6

7 Prior work: TPM, TXT Trusted Platform Module Trusted Execution Technology Tamper-resistant HW Trusted HW must keep its keys private! Measures (hash) and Signs Remote user Diffie Hellman Private data BIOS, OS, Device drivers and all Private result Prior work included too much SW in their attestation App 12,000+ KLOC Software ecosystem must not be vulnerable 7

8 Recent Success : Intel SGX Ring 0 (supervisor mode) Priviledge??? LOC 12,000 KLOC Intel Factory Intel SGX CPU OS Ring 3 (user mode) Process Process Enclave Enclave immutable commitment of resources to one process. 8

9 Threat Model (Intel SGX) Protect privacy* and integrity** of an enclave against a privileged SW adversary (OS/Hypervisor) SGX prevents: Directly reading/ tampering with: - Config. registers - Enclave memory - Enclave process structures - DMA-capable devices Some specific physical attacks: - DRAM contents - Device secret Physical access! *Indirect observation? **Can SGX keep its keys private? 9

10 Threat Model (Sanctum) Protect privacy and integrity of an enclave against a privileged SW adversary (OS/Hypervisor) Sanctum prevents: Directly read/ tamper with: - Config. registers - Enclave memory - Enclave process structures - DMA-capable devices Indirectly* observe private state via shared: - Caches - Microarchitectural state - Data structures managed by the OS - Interrupts / Faults No protection against physical access or fault injection 10

11 Sanctum s Chain of Trust Priviledge Manufacturer Sanctum HW Certificate Authority Machine mode Privileged (supervisor mode) Security Monitor (SM) OS Unprivileged (user mode) Process Process Strongly Isolated Enclave 11

12 Sanctum s Contributions - Formally verifiable open source SM - Truly small TCB for attestation (small SW and HW) - Hardware-assisted isolation with strong guarantees Machine mode Unprivileged (user mode) Priviledge Privileged (supervisor mode) Hardwired 5 KLOC 12,000 KLOC Process Manufacturer Sanctum HW Security Monitor (SM) OS Process Certificate Authority Strongly Isolated Enclave Open source SW Stronger security with low overhead + 2% area % performance 12

13 Sanctum modifies a RISCV Rocket Chip: 4 cores Build hardware support for Core TLB Core TLB small, trusted software to enforce isolation guarantees for unprivileged software. 64b RISCV PTW Datapath PTW Datapath 16KB Private Cache Private Cache Explicitly multiplex between private and OS-controlled state 2MB LLC LLC Bank LLC Bank DRAM 13

14 Enclaves execute on private cores Core Core - Private L1 caches - Private registers, - Private branch target buffer - Private TLB TLB PTW Datapath Private Cache TLB PTW Datapath Private Cache Security monitor cleans up private state when allocating cores to enclaves / OS LLC Bank LLC Bank DRAM 14

15 Isolated Physical Memory in Sanctum DRAM region is a unit of isolated memory Kernel Memory OS Page Tables OS Virtual Address Space Enclave 1 Private Page Table Enclave private data An enclave s Virtual Address Space Only security monitor has access Security Monitor OS / non-enclave processes Enclave 1 Enclave 2 Physical Address Space DRAM regions are non-overlapping 15

16 Isolating in the LLC (1/8) Physical Address 8 ways 15 Tag Set associative (banked) cache 11 Set Index 6 Line Offset LLC 512 sets, 4 banks Select sets with set index Find way with matching tag == == 64 bytes == Select word from line 16

17 Isolating in the LLC (2/8) Physical Address 15 Tag LLC sharing leaks privacy! 11 Set Index 6 Line Offset LLC OS starves enclave at LLC! Availability of this set leaks privacy == == == 64 bytes 17

18 Isolating in the LLC (2/8) Physical Address LLC 15 Tag LLC sharing leaks privacy! 11 Set Index Give private LLC sets to enclaves! 6 Line Offset == == == 64 bytes 18

19 Isolating in the LLC (4/8) Virtual Address OS controls (TLB caches translations) PTW performs translation Physical Address 52 or fewer Virtual Page Number Virtual address translation 4KB Page Offset Page tables Physical Page Number Page Offset

20 Isolating in the LLC (6/8) Address translation LLC Physical Page Number Tag 15 DRAM Region Index Set Index =5 bits controlled by the OS! Page Offset 12 Line Offset 6 To isolate enclaves in LLC, allocate exclusively, at region granularity! 20

21 Isolating in the LLC (7/8) Address translation LLC DRAM Physical Page Number Tag 15 DRAM Region Index =5 bits! Toy example: 3 DRAM region bits Set Index Page Offset 12 Line Offset 6 Each region is 1 4K page in size... To isolate enclaves in LLC, allocate exclusively, at region granularity! 32KB Small problem : A DMA buffer 21

22 Isolating in the LLC (8/8) Physical Page Number Page Offset 12 Rotate PPN to make colors contiguous in DRAM Tag 15 Set Index 11 Line Offset DRAM Region Index Now top PA bits determine DRAM region DRAM Toy example: 3 DRAM region bits Each region is 32KB contiguous, 32KB

23 Hardware-assisted TLB Page Table Walker Isolation Maintain an invariant: TLB entries are safe! HW enforces invariants at page walk Valid bit Response Address & Invariant checker Response valid bit Page table entry Request Cache & DRAM 23

24 Protect SM memory from everyone OS could rewrite S.M. code, do evil fix by... Never map VAddr to SM memory S.M. sanitizes mode switch TLB PRBASE PRMASK Valid bit Response Address Page Table Walker & == & Response valid bit Page table entry Request Cache & DRAM 24

25 Isolating Enclaves in Physical Memory OS could read/write Enclave memory fix by... Enforce DRAM Region permissions to at page walk S.M. updates permissions when scheduling enclaves TLB Valid bit...other invariants Page Table Walker & & Region DRBMAP index to One Hot Response Address Response valid bit Cache & DRAM Page table entry Request 25

26 Isolating enclave page tables Should this VA use enclave s tables? OS could spy on enclave s page table entries fix by... Implement enclave-private page tables EVBASE == EVMASK VAddr & PTBR EPTBR PARBASE EPARBASE DRBMAP PARMASK EDRBMAP EPARMASK 26

27 Sanctum modifies RISCV Rocket Chip (1/3) Add hardware at interfaces only! ~500 Gates, ~700 FFs Per core Enclave PTs PTW invariant checker Core PTW TLB Datapath Core PTW TLB Datapath Private Cache Private Cache LLC Bank LLC Bank DRAM 27

28 Sanctum modifies RISCV Rocket Chip (2/3) Add hardware at interfaces only! Enclave PTs PTW invariant checker Core PTW TLB Datapath Core PTW TLB Datapath ~50 Gates LLC addr. Rotation 600 Gates, 128 FFs DMA whitelist Private Cache Private Cache LLC Bank LLC Bank (hacks upon hacks) ~6% overall performance overhead! DRAM 28

29 Sanctum modifies RISCV Rocket Chip (3/3) Add hardware at interfaces only! Enclave PTs PTW invariant checker Core PTW TLB Datapath Core PTW TLB Datapath LLC addr. Rotation DMA whitelist Private Cache Private Cache 128 FFs Device secret LLC Bank LLC Bank Boot ROM ~2% area increase in total! Boot ROM Device Secret DRAM 29

30 Measuring Overheads: Experimental setup Platform headers Spec 06* riscv-linux RISCV Compiler Sanctum LLC model RISCV isa-sim Performance counters for Sanctum-related events Estimated static costs for Monitor API calls. $ and DRAM access costs modeled after real devices Post-process event log and counters >275 billion instructions simulated! 30

31 this slide is intentionally left blank 31

32 A Detailed Look at Sanctum s Overheads (2/3) Enclave overhead with a DRAM region allocation of 1/4 of LLC sets Benefit from a large LLC Do not use LLC effectively Perform lots of IO 32

33 A Detailed Look at Sanctum s Overheads (3/3) Enclave overhead for various enclave sizes 33

34 Trusted Manufacturer as CA 34

35 Remote Software Attestation 35

36 Sanctum s Software Stack 36

37 Attestation in Sanctum 37

38 Physical Memory in Sacntum (1/2) 38

39 Physical Memory in Sacntum (1/2) 39

Sanctum: Minimal HW Extensions for Strong SW Isolation

Sanctum: Minimal HW Extensions for Strong SW Isolation CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7a Sanctum: Minimal HW Extensions for Strong SW Isolation Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical &

More information

SGX Security Background. Masab Ahmad Department of Electrical and Computer Engineering University of Connecticut

SGX Security Background. Masab Ahmad Department of Electrical and Computer Engineering University of Connecticut SGX Security Background Masab Ahmad masab.ahmad@uconn.edu Department of Electrical and Computer Engineering University of Connecticut 1 Security Background Outline Cryptographic Primitives Cryptographic

More information

Virtual Memory. Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. November 15, MIT Fall 2018 L20-1

Virtual Memory. Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. November 15, MIT Fall 2018 L20-1 Virtual Memory Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. L20-1 Reminder: Operating Systems Goals of OS: Protection and privacy: Processes cannot access each other s data Abstraction:

More information

Operating System Security

Operating System Security Operating System Security Operating Systems Defined Hardware: I/o...Memory.CPU Operating Systems: Windows or Android, etc Applications run on operating system Operating Systems Makes it easier to use resources.

More information

Computer Architecture Lecture 13: Virtual Memory II

Computer Architecture Lecture 13: Virtual Memory II 18-447 Computer Architecture Lecture 13: Virtual Memory II Lecturer: Rachata Ausavarungnirun Carnegie Mellon University Spring 2014, 2/17/2014 (with material from Onur Mutlu, Justin Meza and Yoongu Kim)

More information

Virtual Memory. Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. April 12, 2018 L16-1

Virtual Memory. Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. April 12, 2018 L16-1 Virtual Memory Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. L16-1 Reminder: Operating Systems Goals of OS: Protection and privacy: Processes cannot access each other s data Abstraction:

More information

Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software

Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris Hawblitzel, Bryan Parno* Microsoft Research, Cornell University, Carnegie Mellon

More information

CSE 120 Principles of Operating Systems

CSE 120 Principles of Operating Systems CSE 120 Principles of Operating Systems Spring 2018 Lecture 16: Virtual Machine Monitors Geoffrey M. Voelker Virtual Machine Monitors 2 Virtual Machine Monitors Virtual Machine Monitors (VMMs) are a hot

More information

Influential OS Research Security. Michael Raitza

Influential OS Research Security. Michael Raitza Influential OS Research Security Michael Raitza raitza@os.inf.tu-dresden.de 1 Security recap Various layers of security Application System Communication Aspects of security Access control / authorization

More information

CS5460: Operating Systems Lecture 14: Memory Management (Chapter 8)

CS5460: Operating Systems Lecture 14: Memory Management (Chapter 8) CS5460: Operating Systems Lecture 14: Memory Management (Chapter 8) Important from last time We re trying to build efficient virtual address spaces Why?? Virtual / physical translation is done by HW and

More information

Hardware Enclave Attacks CS261

Hardware Enclave Attacks CS261 Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Service (IAS) Process Enclave Untrusted Trusted Enclave Code Enclave Data Process Process Other Enclave OS and/or Hypervisor

More information

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names Fast access ===> use map to find object HW == SW ===> map is in HW or SW or combo Extend range ===> longer, hierarchical names How is map embodied: --- L1? --- Memory? The Environment ---- Long Latency

More information

SGX Enclave Life Cycle Tracking TLB Flushes Security Guarantees

SGX Enclave Life Cycle Tracking TLB Flushes Security Guarantees CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 3b SGX Enclave Life Cycle Tracking TLB Flushes Security Guarantees Slide deck extracted from Kamran s tutorial on SGX and Chenglu s security analysis

More information

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Mr. Jacob Torrey May 13, 2014 Dartmouth College 153 Brooks Road, Rome, NY 315.336.3306 http://ainfosec.com @JacobTorrey torreyj@ainfosec.com

More information

Virtual Memory. Motivations for VM Address translation Accelerating translation with TLBs

Virtual Memory. Motivations for VM Address translation Accelerating translation with TLBs Virtual Memory Today Motivations for VM Address translation Accelerating translation with TLBs Fabián Chris E. Bustamante, Riesbeck, Fall Spring 2007 2007 A system with physical memory only Addresses generated

More information

Virtual Memory Oct. 29, 2002

Virtual Memory Oct. 29, 2002 5-23 The course that gives CMU its Zip! Virtual Memory Oct. 29, 22 Topics Motivations for VM Address translation Accelerating translation with TLBs class9.ppt Motivations for Virtual Memory Use Physical

More information

Virtual Memory. Virtual Memory

Virtual Memory. Virtual Memory Virtual Memory Virtual Memory Main memory is cache for secondary storage Secondary storage (disk) holds the complete virtual address space Only a portion of the virtual address space lives in the physical

More information

Lecture 19: Virtual Memory: Concepts

Lecture 19: Virtual Memory: Concepts CSCI-UA.2-3 Computer Systems Organization Lecture 9: Virtual Memory: Concepts Mohamed Zahran (aka Z) mzahran@cs.nyu.edu http://www.mzahran.com Some slides adapted (and slightly modified) from: Clark Barrett

More information

virtual memory Page 1 CSE 361S Disk Disk

virtual memory Page 1 CSE 361S Disk Disk CSE 36S Motivations for Use DRAM a for the Address space of a process can exceed physical memory size Sum of address spaces of multiple processes can exceed physical memory Simplify Management 2 Multiple

More information

Chapter 5B. Large and Fast: Exploiting Memory Hierarchy

Chapter 5B. Large and Fast: Exploiting Memory Hierarchy Chapter 5B Large and Fast: Exploiting Memory Hierarchy One Transistor Dynamic RAM 1-T DRAM Cell word access transistor V REF TiN top electrode (V REF ) Ta 2 O 5 dielectric bit Storage capacitor (FET gate,

More information

Computer Science 146. Computer Architecture

Computer Science 146. Computer Architecture Computer Architecture Spring 2004 Harvard University Instructor: Prof. dbrooks@eecs.harvard.edu Lecture 18: Virtual Memory Lecture Outline Review of Main Memory Virtual Memory Simple Interleaving Cycle

More information

Cache Performance and Memory Management: From Absolute Addresses to Demand Paging. Cache Performance

Cache Performance and Memory Management: From Absolute Addresses to Demand Paging. Cache Performance 6.823, L11--1 Cache Performance and Memory Management: From Absolute Addresses to Demand Paging Asanovic Laboratory for Computer Science M.I.T. http://www.csg.lcs.mit.edu/6.823 Cache Performance 6.823,

More information

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names Fast access ===> use map to find object HW == SW ===> map is in HW or SW or combo Extend range ===> longer, hierarchical names How is map embodied: --- L1? --- Memory? The Environment ---- Long Latency

More information

Address Translation. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

Address Translation. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University Address Translation Jinkyu Jeong (jinkyu@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Today s Topics How to reduce the size of page tables? How to reduce the time for

More information

INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD

INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD OVERVIEW Fundamental

More information

John Wawrzynek & Nick Weaver

John Wawrzynek & Nick Weaver CS 61C: Great Ideas in Computer Architecture Lecture 23: Virtual Memory John Wawrzynek & Nick Weaver http://inst.eecs.berkeley.edu/~cs61c From Previous Lecture: Operating Systems Input / output (I/O) Memory

More information

Processes and Virtual Memory Concepts

Processes and Virtual Memory Concepts Processes and Virtual Memory Concepts Brad Karp UCL Computer Science CS 37 8 th February 28 (lecture notes derived from material from Phil Gibbons, Dave O Hallaron, and Randy Bryant) Today Processes Virtual

More information

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy COMPUTER ARCHITECTURE Virtualization and Memory Hierarchy 2 Contents Virtual memory. Policies and strategies. Page tables. Virtual machines. Requirements of virtual machines and ISA support. Virtual machines:

More information

Carnegie Mellon. Bryant and O Hallaron, Computer Systems: A Programmer s Perspective, Third Edition

Carnegie Mellon. Bryant and O Hallaron, Computer Systems: A Programmer s Perspective, Third Edition Carnegie Mellon Virtual Memory: Concepts 5-23: Introduction to Computer Systems 7 th Lecture, October 24, 27 Instructor: Randy Bryant 2 Hmmm, How Does This Work?! Process Process 2 Process n Solution:

More information

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006) Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006) Trusted Computing Hardware What can you do if you have

More information

virtual memory. March 23, Levels in Memory Hierarchy. DRAM vs. SRAM as a Cache. Page 1. Motivation #1: DRAM a Cache for Disk

virtual memory. March 23, Levels in Memory Hierarchy. DRAM vs. SRAM as a Cache. Page 1. Motivation #1: DRAM a Cache for Disk 5-23 March 23, 2 Topics Motivations for VM Address translation Accelerating address translation with TLBs Pentium II/III system Motivation #: DRAM a Cache for The full address space is quite large: 32-bit

More information

Virtual Memory: From Address Translation to Demand Paging

Virtual Memory: From Address Translation to Demand Paging Constructive Computer Architecture Virtual Memory: From Address Translation to Demand Paging Arvind Computer Science & Artificial Intelligence Lab. Massachusetts Institute of Technology November 12, 2014

More information

Crypto Background & Concepts SGX Software Attestation

Crypto Background & Concepts SGX Software Attestation CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 4b Slide deck extracted from Kamran s tutorial on SGX, presented during ECE 6095 Spring 2017 on Secure Computation and Storage, a precursor to this course

More information

Virtual Memory. CS 3410 Computer System Organization & Programming

Virtual Memory. CS 3410 Computer System Organization & Programming Virtual Memory CS 3410 Computer System Organization & Programming These slides are the product of many rounds of teaching CS 3410 by Professors Weatherspoon, Bala, Bracy, and Sirer. Where are we now and

More information

VIRTUAL MEMORY II. Jo, Heeseung

VIRTUAL MEMORY II. Jo, Heeseung VIRTUAL MEMORY II Jo, Heeseung TODAY'S TOPICS How to reduce the size of page tables? How to reduce the time for address translation? 2 PAGE TABLES Space overhead of page tables The size of the page table

More information

Motivations for Virtual Memory Virtual Memory Oct. 29, Why VM Works? Motivation #1: DRAM a Cache for Disk

Motivations for Virtual Memory Virtual Memory Oct. 29, Why VM Works? Motivation #1: DRAM a Cache for Disk class8.ppt 5-23 The course that gives CMU its Zip! Virtual Oct. 29, 22 Topics Motivations for VM Address translation Accelerating translation with TLBs Motivations for Virtual Use Physical DRAM as a Cache

More information

Virtual Memory. CS 3410 Computer System Organization & Programming. [K. Bala, A. Bracy, E. Sirer, and H. Weatherspoon]

Virtual Memory. CS 3410 Computer System Organization & Programming. [K. Bala, A. Bracy, E. Sirer, and H. Weatherspoon] Virtual Memory CS 3410 Computer System Organization & Programming [K. Bala, A. Bracy, E. Sirer, and H. Weatherspoon] Click any letter let me know you re here today. Instead of a DJ Clicker Question today,

More information

Memory Hierarchy Requirements. Three Advantages of Virtual Memory

Memory Hierarchy Requirements. Three Advantages of Virtual Memory CS61C L12 Virtual (1) CS61CL : Machine Structures Lecture #12 Virtual 2009-08-03 Jeremy Huddleston Review!! Cache design choices: "! Size of cache: speed v. capacity "! size (i.e., cache aspect ratio)

More information

CISC 360. Virtual Memory Dec. 4, 2008

CISC 360. Virtual Memory Dec. 4, 2008 CISC 36 Virtual Dec. 4, 28 Topics Motivations for VM Address translation Accelerating translation with TLBs Motivations for Virtual Use Physical DRAM as a Cache for the Disk Address space of a process

More information

CSCE 410/611: Virtualization!

CSCE 410/611: Virtualization! CSCE 410/611: Virtualization! Definitions, Terminology! Why Virtual Machines?! Mechanics of Virtualization! Virtualization of Resources (Memory)! Some slides made available Courtesy of Gernot Heiser, UNSW.!

More information

Computer Systems. Virtual Memory. Han, Hwansoo

Computer Systems. Virtual Memory. Han, Hwansoo Computer Systems Virtual Memory Han, Hwansoo A System Using Physical Addressing CPU Physical address (PA) 4 Main memory : : 2: 3: 4: 5: 6: 7: 8:... M-: Data word Used in simple systems like embedded microcontrollers

More information

Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM)

Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM) CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7b Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM) Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen

More information

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems Lecture 7 Xen and the Art of Virtualization Paul Braham, Boris Dragovic, Keir Fraser et al. Advanced Operating Systems 16 November, 2011 SOA/OS Lecture 7, Xen 1/38 Contents Virtualization Xen Memory CPU

More information

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX W. Wang, G. Chen, X, Pan, Y. Zhang, XF. Wang, V. Bindschaedler, H. Tang, C. Gunter. September 19, 2017 Motivation Intel

More information

Chapter 8 Memory Management

Chapter 8 Memory Management Chapter 8 Memory Management Da-Wei Chang CSIE.NCKU Source: Abraham Silberschatz, Peter B. Galvin, and Greg Gagne, "Operating System Concepts", 9th Edition, Wiley. 1 Outline Background Swapping Contiguous

More information

CIS 4360 Secure Computer Systems SGX

CIS 4360 Secure Computer Systems SGX CIS 4360 Secure Computer Systems SGX Professor Qiang Zeng Spring 2017 Some slides are stolen from Intel docs Previous Class UEFI Secure Boot Windows s Trusted Boot Intel s Trusted Boot CIS 4360 Secure

More information

CS 152 Computer Architecture and Engineering. Lecture 8 - Address Translation

CS 152 Computer Architecture and Engineering. Lecture 8 - Address Translation CS 152 Computer Architecture and Engineering Lecture 8 - Translation Krste Asanovic Electrical Engineering and Computer Sciences University of California at Berkeley http://www.eecs.berkeley.edu/~krste!

More information

CIS Operating Systems Memory Management Cache. Professor Qiang Zeng Fall 2017

CIS Operating Systems Memory Management Cache. Professor Qiang Zeng Fall 2017 CIS 5512 - Operating Systems Memory Management Cache Professor Qiang Zeng Fall 2017 Previous class What is logical address? Who use it? Describes a location in the logical memory address space Compiler

More information

CSC 5930/9010 Cloud S & P: Virtualization

CSC 5930/9010 Cloud S & P: Virtualization CSC 5930/9010 Cloud S & P: Virtualization Professor Henry Carter Fall 2016 Recap Network traffic can be encrypted at different layers depending on application needs TLS: transport layer IPsec: network

More information

Virtual Machine Monitors (VMMs) are a hot topic in

Virtual Machine Monitors (VMMs) are a hot topic in CSE 120 Principles of Operating Systems Winter 2007 Lecture 16: Virtual Machine Monitors Keith Marzullo and Geoffrey M. Voelker Virtual Machine Monitors Virtual Machine Monitors (VMMs) are a hot topic

More information

CSE 560 Computer Systems Architecture

CSE 560 Computer Systems Architecture This Unit: CSE 560 Computer Systems Architecture App App App System software Mem I/O The operating system () A super-application Hardware support for an Page tables and address translation s and hierarchy

More information

14 May 2012 Virtual Memory. Definition: A process is an instance of a running program

14 May 2012 Virtual Memory. Definition: A process is an instance of a running program Virtual Memory (VM) Overview and motivation VM as tool for caching VM as tool for memory management VM as tool for memory protection Address translation 4 May 22 Virtual Memory Processes Definition: A

More information

Virtual Memory. Patterson & Hennessey Chapter 5 ELEC 5200/6200 1

Virtual Memory. Patterson & Hennessey Chapter 5 ELEC 5200/6200 1 Virtual Memory Patterson & Hennessey Chapter 5 ELEC 5200/6200 1 Virtual Memory Use main memory as a cache for secondary (disk) storage Managed jointly by CPU hardware and the operating system (OS) Programs

More information

Dawn Song

Dawn Song 1 Virtual Machines & Security Dawn Song dawnsong@cs.berkeley.edu Virtual Machines VM: Execution environment that gives the illusion of a real machine VMM/Hypervisor: host software which provides this capability

More information

Virtual Memory II CSE 351 Spring

Virtual Memory II CSE 351 Spring Virtual Memory II CSE 351 Spring 2018 https://xkcd.com/1495/ Virtual Memory (VM) Overview and motivation VM as a tool for caching Address translation VM as a tool for memory management VM as a tool for

More information

CS 152 Computer Architecture and Engineering. Lecture 8 - Address Translation

CS 152 Computer Architecture and Engineering. Lecture 8 - Address Translation CS 152 Computer Architecture and Engineering Lecture 8 - Translation Krste Asanovic Electrical Engineering and Computer Sciences University of California at Berkeley http://www.eecs.berkeley.edu/~krste!

More information

EITF20: Computer Architecture Part 5.1.1: Virtual Memory

EITF20: Computer Architecture Part 5.1.1: Virtual Memory EITF20: Computer Architecture Part 5.1.1: Virtual Memory Liang Liu liang.liu@eit.lth.se 1 Outline Reiteration Cache optimization Virtual memory Case study AMD Opteron Summary 2 Memory hierarchy 3 Cache

More information

Main Memory (Fig. 7.13) Main Memory

Main Memory (Fig. 7.13) Main Memory Main Memory (Fig. 7.13) CPU CPU CPU Cache Multiplexor Cache Cache Bus Bus Bus Memory Memory bank 0 Memory bank 1 Memory bank 2 Memory bank 3 Memory b. Wide memory organization c. Interleaved memory organization

More information

CS 152 Computer Architecture and Engineering

CS 152 Computer Architecture and Engineering CS 152 Computer Architecture and Engineering Lecture 12 -- Virtual Memory 2014-2-27 John Lazzaro (not a prof - John is always OK) TA: Eric Love www-inst.eecs.berkeley.edu/~cs152/ Play: CS 152 L12: Virtual

More information

Computer Architecture Background

Computer Architecture Background CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 2b Computer Architecture Background Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical & Computer Engineering

More information

Embedded Systems Dr. Santanu Chaudhury Department of Electrical Engineering Indian Institute of Technology, Delhi

Embedded Systems Dr. Santanu Chaudhury Department of Electrical Engineering Indian Institute of Technology, Delhi Embedded Systems Dr. Santanu Chaudhury Department of Electrical Engineering Indian Institute of Technology, Delhi Lecture - 13 Virtual memory and memory management unit In the last class, we had discussed

More information

CIS Operating Systems Memory Management Cache and Demand Paging. Professor Qiang Zeng Spring 2018

CIS Operating Systems Memory Management Cache and Demand Paging. Professor Qiang Zeng Spring 2018 CIS 3207 - Operating Systems Memory Management Cache and Demand Paging Professor Qiang Zeng Spring 2018 Process switch Upon process switch what is updated in order to assist address translation? Contiguous

More information

Meltdown or "Holy Crap: How did we do this to ourselves" Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory

Meltdown or Holy Crap: How did we do this to ourselves Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory Meltdown or "Holy Crap: How did we do this to ourselves" Abstract Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory locations Breaks all security assumptions given

More information

CS252 S05. Main memory management. Memory hardware. The scale of things. Memory hardware (cont.) Bottleneck

CS252 S05. Main memory management. Memory hardware. The scale of things. Memory hardware (cont.) Bottleneck Main memory management CMSC 411 Computer Systems Architecture Lecture 16 Memory Hierarchy 3 (Main Memory & Memory) Questions: How big should main memory be? How to handle reads and writes? How to find

More information

Virtual Memory. Samira Khan Apr 27, 2017

Virtual Memory. Samira Khan Apr 27, 2017 Virtual Memory Samira Khan Apr 27, 27 Virtual Memory Idea: Give the programmer the illusion of a large address space while having a small physical memory So that the programmer does not worry about managing

More information

EECS 470. Lecture 16 Virtual Memory. Fall 2018 Jon Beaumont

EECS 470. Lecture 16 Virtual Memory. Fall 2018 Jon Beaumont Lecture 16 Virtual Memory Fall 2018 Jon Beaumont http://www.eecs.umich.edu/courses/eecs470 Slides developed in part by Profs. Austin, Brehob, Falsafi, Hill, Hoe, Lipasti, Shen, Smith, Sohi, Tyson, and

More information

Another View of the Memory Hierarchy. Lecture #25 Virtual Memory I Memory Hierarchy Requirements. Memory Hierarchy Requirements

Another View of the Memory Hierarchy. Lecture #25 Virtual Memory I Memory Hierarchy Requirements. Memory Hierarchy Requirements CS61C L25 Virtual I (1) inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture #25 Virtual I 27-8-7 Scott Beamer, Instructor Another View of the Hierarchy Thus far{ Next: Virtual { Regs Instr.

More information

Secure Boot and Remote Attestation in the Sanctum Processor

Secure Boot and Remote Attestation in the Sanctum Processor Secure Boot and Remote Attestation in the Sanctum Processor Ilia Lebedev MIT CSAIL, USA ilebedev@csail.mit.edu Kyle Hogan MIT CSAIL, USA klhogan@csail.mit.edu Srinivas Devadas MIT CSAIL, USA devadas@mit.edu

More information

CSE 120 Principles of Operating Systems

CSE 120 Principles of Operating Systems CSE 120 Principles of Operating Systems Spring 2018 Lecture 10: Paging Geoffrey M. Voelker Lecture Overview Today we ll cover more paging mechanisms: Optimizations Managing page tables (space) Efficient

More information

Systems Programming and Computer Architecture ( ) Timothy Roscoe

Systems Programming and Computer Architecture ( ) Timothy Roscoe Systems Group Department of Computer Science ETH Zürich Systems Programming and Computer Architecture (252-6-) Timothy Roscoe Herbstsemester 26 AS 26 Virtual Memory 8: Virtual Memory Computer Architecture

More information

Secure Boot and Remote Attestation in the Sanctum Processor

Secure Boot and Remote Attestation in the Sanctum Processor Secure Boot and Remote Attestation in the Sanctum Processor Ilia Lebedev MIT CSAIL, USA ilebedev@csail.mit.edu Kyle Hogan MIT CSAIL, USA klhogan@csail.mit.edu Srinivas Devadas MIT CSAIL, USA devadas@mit.edu

More information

Sandboxing Untrusted Code: Software-Based Fault Isolation (SFI)

Sandboxing Untrusted Code: Software-Based Fault Isolation (SFI) Sandboxing Untrusted Code: Software-Based Fault Isolation (SFI) Brad Karp UCL Computer Science CS GZ03 / M030 9 th December 2011 Motivation: Vulnerabilities in C Seen dangers of vulnerabilities: injection

More information

Certifying Program Execution with Secure Processors. Benjie Chen Robert Morris Laboratory for Computer Science Massachusetts Institute of Technology

Certifying Program Execution with Secure Processors. Benjie Chen Robert Morris Laboratory for Computer Science Massachusetts Institute of Technology Certifying Program Execution with Secure Processors Benjie Chen Robert Morris Laboratory for Computer Science Massachusetts Institute of Technology Motivation All PCs may soon include trusted computing

More information

Virtual Memory Virtual memory first used to relive programmers from the burden of managing overlays.

Virtual Memory Virtual memory first used to relive programmers from the burden of managing overlays. CSE420 Virtual Memory Prof. Mokhtar Aboelaze York University Based on Slides by Prof. L. Bhuyan (UCR) Prof. M. Shaaban (RIT) Virtual Memory Virtual memory first used to relive programmers from the burden

More information

CSCE 410/611: Virtualization

CSCE 410/611: Virtualization CSCE 410/611: Virtualization Definitions, Terminology Why Virtual Machines? Mechanics of Virtualization Virtualization of Resources (Memory) Some slides made available Courtesy of Gernot Heiser, UNSW.

More information

Memory Management. Disclaimer: some slides are adopted from book authors slides with permission 1

Memory Management. Disclaimer: some slides are adopted from book authors slides with permission 1 Memory Management Disclaimer: some slides are adopted from book authors slides with permission 1 CPU management Roadmap Process, thread, synchronization, scheduling Memory management Virtual memory Disk

More information

Virtualization with XEN. Trusted Computing CS599 Spring 2007 Arun Viswanathan University of Southern California

Virtualization with XEN. Trusted Computing CS599 Spring 2007 Arun Viswanathan University of Southern California Virtualization with XEN Trusted Computing CS599 Spring 2007 Arun Viswanathan University of Southern California A g e n d a Introduction Virtualization approaches Basic XEN Architecture Setting up XEN Bootstrapping

More information

csci 3411: Operating Systems

csci 3411: Operating Systems csci 3411: Operating Systems Memory Management II Gabriel Parmer Slides adapted from Silberschatz and West Each Process has its Own Little World Virtual Address Space Picture from The

More information

Introduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017

Introduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017 Introduction to SGX (Software Guard Extensions) and SGX Virtualization Kai Huang, Jun Nakajima (Speaker) July 12, 2017 1 INTEL RESTRICTED SECRET Agenda SGX Introduction Xen SGX Virtualization Support Backup

More information

HY225 Lecture 12: DRAM and Virtual Memory

HY225 Lecture 12: DRAM and Virtual Memory HY225 Lecture 12: DRAM and irtual Memory Dimitrios S. Nikolopoulos University of Crete and FORTH-ICS May 16, 2011 Dimitrios S. Nikolopoulos Lecture 12: DRAM and irtual Memory 1 / 36 DRAM Fundamentals Random-access

More information

Virtual Memory Nov 9, 2009"

Virtual Memory Nov 9, 2009 Virtual Memory Nov 9, 2009" Administrivia" 2! 3! Motivations for Virtual Memory" Motivation #1: DRAM a Cache for Disk" SRAM" DRAM" Disk" 4! Levels in Memory Hierarchy" cache! virtual memory! CPU" regs"

More information

Leveraging Intel SGX to Create a Nondisclosure Cryptographic library

Leveraging Intel SGX to Create a Nondisclosure Cryptographic library CS 2530 - Computer and Network Security Project presentation Leveraging Intel SGX to Create a Nondisclosure Cryptographic library Mohammad H Mofrad & Spencer L Gray University of Pittsburgh Thursday, December

More information

18-447: Computer Architecture Lecture 16: Virtual Memory

18-447: Computer Architecture Lecture 16: Virtual Memory 18-447: Computer Architecture Lecture 16: Virtual Memory Justin Meza Carnegie Mellon University (with material from Onur Mutlu, Michael Papamichael, and Vivek Seshadri) 1 Notes HW 2 and Lab 2 grades will

More information

CS 153 Design of Operating Systems Winter 2016

CS 153 Design of Operating Systems Winter 2016 CS 153 Design of Operating Systems Winter 2016 Lecture 16: Memory Management and Paging Announcement Homework 2 is out To be posted on ilearn today Due in a week (the end of Feb 19 th ). 2 Recap: Fixed

More information

CS 152 Computer Architecture and Engineering. Lecture 9 - Address Translation

CS 152 Computer Architecture and Engineering. Lecture 9 - Address Translation CS 152 Computer Architecture and Engineering Lecture 9 - Address Translation Krste Asanovic Electrical Engineering and Computer Sciences University of California at Berkeley http://www.eecs.berkeley.edu/~krste

More information

CS 61C: Great Ideas in Computer Architecture. Lecture 23: Virtual Memory. Bernhard Boser & Randy Katz

CS 61C: Great Ideas in Computer Architecture. Lecture 23: Virtual Memory. Bernhard Boser & Randy Katz CS 61C: Great Ideas in Computer Architecture Lecture 23: Virtual Memory Bernhard Boser & Randy Katz http://inst.eecs.berkeley.edu/~cs61c Agenda Virtual Memory Paged Physical Memory Swap Space Page Faults

More information

CS 61C: Great Ideas in Computer Architecture Virtual Memory. Instructors: John Wawrzynek & Vladimir Stojanovic

CS 61C: Great Ideas in Computer Architecture Virtual Memory. Instructors: John Wawrzynek & Vladimir Stojanovic CS 61C: Great Ideas in Computer Architecture Virtual Memory Instructors: John Wawrzynek & Vladimir Stojanovic http://inst.eecs.berkeley.edu/~cs61c/ 1 Review Programmed I/O Polling vs. Interrupts Booting

More information

CS 333 Introduction to Operating Systems. Class 11 Virtual Memory (1) Jonathan Walpole Computer Science Portland State University

CS 333 Introduction to Operating Systems. Class 11 Virtual Memory (1) Jonathan Walpole Computer Science Portland State University CS 333 Introduction to Operating Systems Class 11 Virtual Memory (1) Jonathan Walpole Computer Science Portland State University Virtual addresses Virtual memory addresses (what the process uses) Page

More information

Memory Management. Disclaimer: some slides are adopted from book authors slides with permission 1

Memory Management. Disclaimer: some slides are adopted from book authors slides with permission 1 Memory Management Disclaimer: some slides are adopted from book authors slides with permission 1 CPU management Roadmap Process, thread, synchronization, scheduling Memory management Virtual memory Disk

More information

@2010 Badri Computer Architecture Assembly II. Virtual Memory. Topics (Chapter 9) Motivations for VM Address translation

@2010 Badri Computer Architecture Assembly II. Virtual Memory. Topics (Chapter 9) Motivations for VM Address translation Virtual Memory Topics (Chapter 9) Motivations for VM Address translation 1 Motivations for Virtual Memory Use Physical DRAM as a Cache for the Disk Address space of a process can exceed physical memory

More information

Virtual Memory. Stefanos Kaxiras. Credits: Some material and/or diagrams adapted from Hennessy & Patterson, Hill, online sources.

Virtual Memory. Stefanos Kaxiras. Credits: Some material and/or diagrams adapted from Hennessy & Patterson, Hill, online sources. Virtual Memory Stefanos Kaxiras Credits: Some material and/or diagrams adapted from Hennessy & Patterson, Hill, online sources. Caches Review & Intro Intended to make the slow main memory look fast by

More information

Virtual Memory. CS61, Lecture 15. Prof. Stephen Chong October 20, 2011

Virtual Memory. CS61, Lecture 15. Prof. Stephen Chong October 20, 2011 Virtual Memory CS6, Lecture 5 Prof. Stephen Chong October 2, 2 Announcements Midterm review session: Monday Oct 24 5:3pm to 7pm, 6 Oxford St. room 33 Large and small group interaction 2 Wall of Flame Rob

More information

EITF20: Computer Architecture Part 5.1.1: Virtual Memory

EITF20: Computer Architecture Part 5.1.1: Virtual Memory EITF20: Computer Architecture Part 5.1.1: Virtual Memory Liang Liu liang.liu@eit.lth.se 1 Outline Reiteration Virtual memory Case study AMD Opteron Summary 2 Memory hierarchy 3 Cache performance 4 Cache

More information

CSE 153 Design of Operating Systems

CSE 153 Design of Operating Systems CSE 53 Design of Operating Systems Winter 28 Lecture 6: Paging/Virtual Memory () Some slides modified from originals by Dave O hallaron Today Address spaces VM as a tool for caching VM as a tool for memory

More information

CS 152 Computer Architecture and Engineering. Lecture 9 - Address Translation

CS 152 Computer Architecture and Engineering. Lecture 9 - Address Translation CS 152 Computer Architecture and Engineering Lecture 9 - Address Translation Krste Asanovic Electrical Engineering and Computer Sciences University of California at Berkeley http://www.eecs.berkeley.edu/~krste!

More information

CS 61C: Great Ideas in Computer Architecture. Lecture 23: Virtual Memory

CS 61C: Great Ideas in Computer Architecture. Lecture 23: Virtual Memory CS 61C: Great Ideas in Computer Architecture Lecture 23: Virtual Memory Krste Asanović & Randy H. Katz http://inst.eecs.berkeley.edu/~cs61c/fa17 1 Agenda Virtual Memory Paged Physical Memory Swap Space

More information

Carnegie Mellon. 16 th Lecture, Mar. 20, Instructors: Todd C. Mowry & Anthony Rowe

Carnegie Mellon. 16 th Lecture, Mar. 20, Instructors: Todd C. Mowry & Anthony Rowe Virtual Memory: Concepts 5 23 / 8 23: Introduction to Computer Systems 6 th Lecture, Mar. 2, 22 Instructors: Todd C. Mowry & Anthony Rowe Today Address spaces VM as a tool lfor caching VM as a tool for

More information

Trustzone Security IP for IoT

Trustzone Security IP for IoT Trustzone Security IP for IoT Udi Maor CryptoCell-7xx product manager Systems & Software Group ARM Tech Forum Singapore July 12 th 2017 Why is getting security right for IoT so important? When our everyday

More information

Virtualization and memory hierarchy

Virtualization and memory hierarchy Virtualization and memory hierarchy Computer Architecture J. Daniel García Sánchez (coordinator) David Expósito Singh Francisco Javier García Blas ARCOS Group Computer Science and Engineering Department

More information

CSE 451: Operating Systems Winter Page Table Management, TLBs and Other Pragmatics. Gary Kimura

CSE 451: Operating Systems Winter Page Table Management, TLBs and Other Pragmatics. Gary Kimura CSE 451: Operating Systems Winter 2013 Page Table Management, TLBs and Other Pragmatics Gary Kimura Moving now from Hardware to how the OS manages memory Two main areas to discuss Page table management,

More information