Abstract:Cache coherence states have recently been exploited to leak secrets through timing-channel attacks. The root cause lies in the fact that shared data in state Exclusive (E) and state Shared (S) are served from different cache layers. The state-of-the-art countermeasure—S-MESI—serves both E- and S-state shared data from the last-level cache (LLC) by explicitly synchronizing the Modified (M) state across private caches and the LLC. This has to sacrifice the silent upgrade feature that MESI introduces for speedup. Moreover, it enforces protection to not only exploitable shared data but also unshared data. This further slows down performance, especially for write-after-read intensive applications. In this paper, we propose SwiftDir to efficiently secure cache coherence against cover-channel attacks without overprotection. SwiftDir fundamentally narrows down the protection scope to write-protected data. Such exploitable shared data can be uniquely identified with the write-protection permission in the memory management unit (MMU) and do not necessarily transit to state M. We validate this idea through tracing system calls of shared libraries on Linux. We then investigate all three commercial cache architectures (i.e., PIPT, VIPT, and VIVT) and find it feasible to hitchhike the address translation process to transmit the write-protection information from the MMU to the coherence controller. Then SwiftDir enforces protection over only write-protected data by serving all requests toward them directly from the LLC with a constant latency. This not only simplifies how MESI handles write-protected data but also avoids how S-MESI overprotects them. Meanwhile, SwiftDir still preserves silent upgrade for efficient handling of unshared data. Extensive experiments demonstrate that our SwiftDir can secure cache coherence while outperforming not only secure SMESI but also unprotected MESI.

SwiftDir: Secure Cache Coherence Without Overprotection.

Building Expressive and Area-Efficient Directories with Hybrid Representation and Adaptive Multi-Granular Tracking

DEAM：Decoupled, Expressive, Area-Efficient Metadata Cache

SelectDirectory: a Selective Directory for Cache Coherence in Many-Core Architectures.

TreasureCache: Hiding Cache Evictions Against Side-Channel Attacks

A software approach to defeating side channels in last-level caches

SYNC+SYNC: Software Cache Write Covert Channels Exploiting Memory-disk Synchronization

Protecting In-memory Data Cache with Secure Enclaves in Untrusted Cloud.

Timing Cache Accesses to Eliminate Side Channels in Shared Software

TC-Release++: an Efficient Timestamp-Based Coherence Protocol for Many-Core Architectures.

Protecting Cache States Against Both Speculative Execution Attacks and Side-channel Attacks

Cache Bandwidth Contention Leaks Secrets

SEA Cache: A Performance-Efficient Countermeasure for Contention-based Attacks

Sync+Sync: A Covert Channel Built on fsync with Storage

Write Me and I'll Tell You Secrets -- Write-After-Write Effects On Intel CPUs

Low power cache architecture with security mechanism

SCAFinder: Formal Verification of Cache Fine-Grained Features for Side Channel Detection

Swift shadow paging (SSP): no write-protection but following TLB flushing

Adversarial Prefetch: New Cross-Core Cache Side Channel Attacks

Shared Write Buffer To Support Data Sharing Among Speculative Multi-Threading Cores

Cache coherence protocol and implementation for multiprocessors with no-write-allocate caches