Exploration for Software Mitigation to Spectre Attacks of Poisoning Indirect Branches

Abstract

Speculative execution and branch prediction are techniques that are widely used in modern superscalar processors to exploit instruction-level parallelism. Recently, researchers have discovered a new kind of attacks named Spectre which exploits speculation mechanisms with a side channel. Since speculation is widely used in modern superscalar processors, these vulnerabilities are found in many popular processors. Exploiting the security vulnerabilities, the attacker can leak the host memory from inside a KVM guest. While the hardware providers are trying to fix the issues from the microarchitecture designs in the next generation of their products, software mitigation are always desirable. Retpoline is a pure software fix developed by Google and is claimed to have a negligible impact on performance. In this paper, we look into the details of Retpoline and evaluate it with various workloads. We found that Retpoline does have impact on performance to the existing software but varies depending on how applications interact with the kernel. According to our experiment, it shows more regression on the network I/O than the storage. The more a program relies on the kernel, the greater regression it shows. To alleviate the impact, we propose a method that uses userspace network stack. We verify the proposal using Netmap userspace packet I/O framework. Besides, we observe great performance regression of applying Retpoline in some of userspace applications such as Perl interpreter which is thought to be the targets exploited by the new type of attacks. In the end, we review the experiment results and discuss the potential mitigation of Spectre in future.