King's College London

Research portal

BRB: Mitigating branch predictor side-channels

Research output: Contribution to conference typesPaper

I. Vougioukas, N. Nikoleris, A. Sandberg, S. Diestelhorst, B.M. Al-Hashimi, G.V. Merrett

Original languageEnglish
Pages466-477
DOIs
Publication statusPublished - Mar 2019

King's Authors

Abstract

Modern processors use branch prediction as an optimization to improve processor performance. Predictors have become larger and increasingly more sophisticated in order to achieve higher accuracies which are needed in high performance cores. However, branch prediction can also be a source of side channel exploits, as one context can deliberately change the branch predictor state and alter the instruction flow of another context. Current mitigation techniques either sacrifice performance for security, or fail to guarantee isolation when retaining the accuracy. Achieving both has proven to be challenging. In this work we address this by, (1) introducing the notions of steady-state and transient branch predictor accuracy, and (2) showing that current predictors increase their misprediction rate by as much as 90% on average when forced to flush branch prediction state to remain secure. To solve this, (3) we introduce the branch retention buffer, a novel mechanism that partitions only the most useful branch predictor components to isolate separate contexts. Our mechanism makes thread isolation practical, as it stops the predictor from executing cold with little if any added area and no warm-up overheads. At the same time our results show that, compared to the stateof-the-art, average misprediction rates are reduced by 15-20% without increasing area, leading to a 2% performance increase.

View graph of relations

© 2018 King's College London | Strand | London WC2R 2LS | England | United Kingdom | Tel +44 (0)20 7836 5454