Ordering decoupled metadata accesses in multiprocessors

Hardware support for dynamic analysis can minimize the performance overhead of useful applications such as security checks, debugging, and profiling. To eliminate implementation complexity and improve flexibility, recent hardware proposals have decoupled the processing of the metadata needed for analysis from the application running on the main processor core. However, such decoupling can lead to inconsistencies between application data and analysis metadata in multiprocessor systems. If updates to data and metadata occur in different orders, the analysis can be rendered incorrect, leading to issues such as undetected security attacks or unnecessary program termination. This paper presents a practical hardware solution that ensures consistency between application data and analysis metadata in multiprocessor systems. We use hardware to track the order of data updates and enforce the same ordering on the analogous metadata operations. This solution works for both in-order and out-of-order processors and requires no changes to the cores, caches or coherence protocol. It is equally applicable to analysis architectures that use dedicated coprocessors or separate cores, is compatible with sequential and relaxed consistency models, and can accommodate metadata of different sizes. We show that, even with small tracking structures, our solution introduces a runtime overhead of less than 7% for PARSEC and SPLASH-2 benchmarks running on a 32-core system.

[1]  Min Xu,et al.  A regulated transitive reduction (RTR) for longer memory race recording , 2006, ASPLOS XII.

[2]  James Newsom,et al.  Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software, Network and Distributed System Security Symposium Conference Proceedings : 2005 , 2005 .

[3]  G. Ganger,et al.  Logs and Lifeguards : Accelerating Dynamic Program Monitoring , 2006 .

[4]  Anoop Gupta,et al.  The SPLASH-2 programs: characterization and methodological considerations , 1995, ISCA.

[5]  Ravishankar K. Iyer,et al.  Defeating memory corruption attacks via pointer taintedness detection , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[6]  Christoforos E. Kozyrakis,et al.  Thread-safe dynamic binary translation using transactional memory , 2008, 2008 IEEE 14th International Symposium on High Performance Computer Architecture.

[7]  Nicholas Nethercote,et al.  Dynamic Binary Analysis and Instrumentation , 2004 .

[8]  Rajiv Gupta,et al.  Architectural support for shadow memory in multiprocessors , 2009, VEE '09.

[9]  Milo M. K. Martin,et al.  Multifacet's general execution-driven multiprocessor simulator (GEMS) toolset , 2005, CARN.

[10]  Guru Venkataramani,et al.  FlexiTaint: A programmable accelerator for dynamic taint propagation , 2008, 2008 IEEE 14th International Symposium on High Performance Computer Architecture.

[11]  Wei Liu,et al.  iWatcher: efficient architectural support for software debugging , 2004, Proceedings. 31st Annual International Symposium on Computer Architecture, 2004..

[12]  Frederic T. Chong,et al.  Minos: Control Data Attack Prevention Orthogonal to Memory Model , 2004, 37th International Symposium on Microarchitecture (MICRO-37'04).

[13]  Hsien-Hsin S. Lee,et al.  Supporting cache coherence in heterogeneous multiprocessor systems , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[14]  David Zhang,et al.  Secure program execution via dynamic information flow tracking , 2004, ASPLOS XI.

[15]  Christoforos E. Kozyrakis,et al.  Raksha: a flexible information flow architecture for software security , 2007, ISCA '07.

[16]  Babak Falsafi,et al.  Flexible Hardware Acceleration for Instruction-Grain Program Monitoring , 2008, 2008 International Symposium on Computer Architecture.

[17]  Cheng Wang,et al.  LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks , 2006, 2006 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO'06).

[18]  Christoforos E. Kozyrakis,et al.  Hardware Enforcement of Application Security Policies Using Tagged Memory , 2008, OSDI.

[19]  Kai Li,et al.  The PARSEC benchmark suite: Characterization and architectural implications , 2008, 2008 International Conference on Parallel Architectures and Compilation Techniques (PACT).

[20]  Christoforos E. Kozyrakis,et al.  Decoupling Dynamic Information Flow Tracking with a dedicated coprocessor , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[21]  Timothy Sherwood,et al.  Understanding and visualizing full systems with data flow tomography , 2008, ASPLOS.

[22]  Jonathan Walpole,et al.  Introducing technology into the Linux kernel: a case study , 2008, OPSR.

[23]  Kai Li,et al.  PARSEC vs. SPLASH-2: A quantitative comparison of two multithreaded benchmark suites on Chip-Multiprocessors , 2008, 2008 IEEE International Symposium on Workload Characterization.