This paper introduces Okapi, a new hardware/software cross-layer architecture designed to mitigate Transient Execution Side Channel (TES) attacks in modern computing systems. Okapi enforces sandboxing for speculative execution, providing a hardware basis that can replace expensive speculation barriers in software. At its core, Okapi allows for speculative data accesses to a memory page only after the page has been accessed non-speculatively at least once by the current trust domain. The granularity of the trust domains can be controlled in software to achieve different security and performance trade-offs. For environments with less stringent security needs, Okapi's features can be deactivated to remove all performance overhead. Without relying on any software modification, the Okapi hardware features already provide full protection against TES breakout attacks at a thread-level granularity. This incurs an average performance overhead of only 3.17% for the SPEC CPU2017 benchmark suite. Okapi introduces the OkapiReset instruction for additional software-level security support. This instruction allows for fine-grained sandboxing with custom program sizes smaller than a thread, resulting in 1.68% performance overhead in our WebAssembly runtime experiment. On top, Okapi provides the possibility to eliminate poisoning attacks. For the highest level of security, the OkapiLoad instruction prevents confidential data from being added to the trust domain after a sequential access, thereby enforcing weak speculative non-interference. In addition, we present a hardware extension that limits the exploitable code space for Spectre gadgets to well-defined sections of the program. By ensuring the absence of gadgets in these sections, developers can tailor their software towards achieving beneficial trade-offs between the size of a trust domain and performance.

翻译：本文介绍Okapi，一种旨在缓解现代计算系统中瞬态执行侧信道（TES）攻击的新型硬件/软件跨层架构。Okapi对推测执行实施沙箱机制，提供可替代软件中昂贵推测屏障的硬件基础。其核心原理是：仅当当前信任域对某内存页已进行至少一次非推测性访问后，才允许对该页进行推测性数据访问。信任域的粒度可通过软件控制，以实现不同的安全与性能权衡。对于安全性要求不高的环境，可关闭Okapi功能以消除所有性能开销。在无需任何软件修改的情况下，Okapi的硬件特性已可在线程级粒度下提供针对TES突破攻击的全面防护。在SPEC CPU2017基准测试套件中，该方案平均性能开销仅为3.17%。Okapi引入OkapiReset指令以提供额外的软件级安全支持。该指令支持对小于线程的自定义程序尺寸进行细粒度沙箱化，在我们的WebAssembly运行时实验中仅带来1.68%的性能开销。在此基础上，Okapi还可消除注入攻击。为实现最高安全级，OkapiLoad指令可防止机密数据在顺序访问后被加入信任域，从而强制执行弱推测非干扰性。此外，我们提出一种硬件扩展方案，将Spectre gadgets的可利用代码空间限制在明确定义的程序段内。通过确保这些段中不存在gadgets，开发者可调整软件设计，在信任域尺寸与性能之间实现有利权衡。