Nile: A Programmable Monitoring Coprocessor

Researchers widely employ hardware performance counters (HPCs) as well as debugging and profiling tools in processors for monitoring different events such as cache hits, cache misses, and branch prediction statistics during the execution of programs. The collected information can be used for power, performance, and thermal management of the system as well as detecting anomalies or malicious behavior in the software. However, monitoring new or complex events using HPCs and existing tools is a challenging task because HPCs only provide a fixed pool of raw events to monitor. To address this challenge, we propose the implementation of a programmable hardware monitor in a complete system framework including the hardware monitor architecture and its interface with an in-order single-issue RISC-V processor as well as an operating system. As a proof of concept, we demonstrate how to programmatically implement a shadow stack using our hardware monitor and how the programmed shadow stack detects stack buffer overflow attacks. Our hardware monitor design incurs a 26 percent power overhead and a 15 percent area overhead over an unmodified RISC-V processor. Our programmed shadow stack has less than 3 percent performance overhead in the worst case.

[1]  Jeffrey K. Hollingsworth,et al.  A New Hardware Monitor Design to Measure Data Structure-Specific Cache Eviction Information , 2006, Int. J. High Perform. Comput. Appl..

[2]  Adam M. Izraelevitz,et al.  The Rocket Chip Generator , 2016 .

[3]  G. Edward Suh,et al.  High-performance parallel accelerator for flexible and efficient run-time monitoring , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[4]  Derek Bruening,et al.  An infrastructure for adaptive dynamic optimization , 2003, International Symposium on Code Generation and Optimization, 2003. CGO 2003..

[5]  Scott Devine,et al.  Using the SimOS machine simulator to study complex computer systems , 1997, TOMC.

[6]  Jonathan M. Smith,et al.  Architectural Support for Software-Defined Metadata Processing , 2015, ASPLOS.

[7]  Jeffrey J. P. Tsai,et al.  A noninvasive architecture to monitor real-time distributed systems , 1990, Computer.

[8]  Arnaldo Carvalho de Melo,et al.  The New Linux ’ perf ’ Tools , 2010 .

[9]  G. Edward Suh,et al.  Flexible and Efficient Instruction-Grained Run-Time Monitoring Using On-Chip Reconfigurable Fabric , 2010, 2010 43rd Annual IEEE/ACM International Symposium on Microarchitecture.

[10]  John Wawrzynek,et al.  Chisel: Constructing hardware in a Scala embedded language , 2012, DAC Design Automation Conference 2012.

[11]  Ahmad-Reza Sadeghi,et al.  HAFIX: Hardware-Assisted Flow Integrity eXtension , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[12]  Trevor Mudge,et al.  MiBench: A free, commercially representative embedded benchmark suite , 2001 .

[13]  No License,et al.  Intel ® 64 and IA-32 Architectures Software Developer ’ s Manual Volume 3 A : System Programming Guide , Part 1 , 2006 .