In cache-based side channel attacks, a spy that shares a cache with a
victim probes cache locations to extract information on the victim’s
access patterns. For example, in evict+reload, the spy repeatedly evicts
and then reloads a probe address, checking if the victim has accessed the
address in between the two operations. While there are many proposals to
combat these cache attacks, they all have limitations: they either hurt
performance, require programmer intervention, or can only defend against
some types of attacks.
This paper makes the following observation for an environment with an
inclusive cache hierarchy: when the spy evicts the probe address from the
shared cache, the address will also be evicted from the private cache of
the victim process, creating an inclusion victim. Consequently, to disable
cache attacks, this paper proposes to alter the line replacement algorithm
of the shared cache, to prevent a process from creating inclusion victims
in the caches of cores running other processes. By enforcing this rule,
the spy cannot evict the probe address from the shared cache and, hence,
cannot glimpse any information on the victim’s access patterns. The
authors call this proposal SHARP (Secure Hierarchy-Aware cache Replacement
Policy). SHARP efficiently defends against all existing cross-core
shared-cache attacks, needs only minimal hardware modifications, and
requires no code modifications. The authors have implemented SHARP in a
cycle-level full-system simulator. They have shown that it protects
against real-world attacks, and that it introduces negligible average
performance degradation.