Spectre attacks exploit microprocessor speculative execution to read and transmit forbidden data outside the attacker's trust domain and sandbox. Recent hardware schemes allow potentially-unsafe speculative accesses but prevent the secret's transmission by delaying most access-dependent instructions even in the predominantly-common, no-attack case, which incurs performance loss and hardware complexity. Instead, we propose SafeBet which allows only, and does not delay most, safe accesses, achieving both security and high performance. SafeBet is based on the key observation that speculatively accessing a destination location is safe if the location's access by the same static trust domain has been committed previously; and potentially unsafe, otherwise. We extend this observation to handle inter trust-domain code and data interactions. SafeBet employs the Speculative Memory Access Control Table (SMACT) to track non-speculative trust domain code region-destination pairs. Disallowed accesses wait until reaching commit to trigger well-known replay, with virtually no change to the pipeline. Software simulations using SpecCPU benchmarks show that SafeBet uses an 8.3-KB SMACT per core to perform within 6% on average (63% at worst) of the unsafe baseline behind which NDA-restrictive, a previous scheme of security and hardware complexity comparable to SafeBet's, lags by 83% on average.

翻译：Spectre攻击利用微处理器的推测执行，在攻击者信任域和沙箱之外读取并传输禁止数据。最近的硬件方案允许潜在不安全的推测访问，但即使在绝大多数常见的无攻击情况下，仍通过延迟大多数访问相关指令来防止秘密传输，这会导致性能损失和硬件复杂性。相反，我们提出SafeBet，它仅允许安全访问且不延迟大多数此类访问，从而同时实现安全性和高性能。SafeBet基于以下关键观察：如果同一静态信任域先前已提交对目标位置的访问，则推测访问该位置是安全的；否则可能不安全。我们扩展了这一观察以处理跨信任域的代码与数据交互。SafeBet采用推测内存访问控制表（SMACT）来跟踪非推测信任域的代码区域-目标地址对。被禁止的访问会等待直至到达提交点以触发众所周知的回放机制，且几乎无需改变流水线。使用SpecCPU基准测试进行的软件模拟表明，SafeBet每个核心使用8.3 KB的SMACT，其性能平均在（最坏情况下为63%）不安全基线的6%以内，而先前与SafeBet安全性及硬件复杂度相当的方案NDA-restrictive平均落后83%。