New Intel processor microarchitecture: fast, but not free
Identifying the Specter and Meltdown hardware vulnerabilities in Intel processors set the company's architects the most difficult task - to make changes to the CPU microarchitecture that ensure complete execution security while maintaining and even improving processor performance. Now, six months later, it is time to share the results of this work. Of course, not all, but only a part that is not Intel Top Secret.
According to security experts, it is impossible to create an absolutely secure system in any field, including a computer one. It is only possible to make the defense so that the cost of breaking it exceeds the cost of what it protects. And this task is quite doable. There is only one problem: the requirements for high security and high performance are very poorly compatible with each other.
Therefore, as mentioned above, the task of combining security and high-performance CPU is extremely difficult. And one of the possible ways for Intel engineers to solve it was brought by such a seemingly unrelated area as SEO - Search Engine Optimization - search engine optimization.
In fact, there are many similarities between the principles of the processor and search engines. If in search engines the most popular sites fall on the first page of search results, then in the processor the most popular data and instructions fall into the cache memory. Both on indexed sites and in program code there is an opportunity to manually influence “promotion” - with keywords on sites and the prefetch instruction in the processor. But there and there, the results are generally unpredictable, and they are not advised to do so in modern systems. Just as search engines to determine page rank track all links leading to the site, so processors in the course of unordered execution track links according to the data of all executable instructions.
A few years ago, search engines, which, by the way, never fully disclose their page ranking algorithms, learned to deal with “black optimization”. Also, the new Intel CPU microarchitecture, in which the algorithms of disordered execution (OOO execution) and branch prediction (Branch Prediction) will be completely classified, will be able to cope with the situation of "tricking" the branch predictor used in one of the versions of the Specter vulnerabilities.
And now - about the main change in microarchitecture. In search engines, there is a possibility that still has no analogy in processors. These are paid advertisements appearing at the beginning of search results, in fact, giving an opportunity to significantly promote your site for a fee. If we go to processors, the first thing that comes to mind is paid cache, that is, the ability to reserve part of the cache for a single application for a certain period of time, eliminating its crowding out and thus ensuring maximum performance.
But, unfortunately, in the general case, it is impossible to significantly increase the productivity of a software product in this way - the cache is only one link in the chain of ensuring the speed of applications. Therefore, Intel engineers found another solution. Namely, it is planned to add a separate core to the new processors, which can be used for a certain time by any application in exclusive mode.
The frequency of the new core will be twice the operating frequency of the other cores of the processor - in fact, the core will always be in Turbo Boost mode, and its microarchitecture will differ from other cores - "neighbors" in the crystal. The main difference is that due to the guaranteed exclusive operation of the application on the kernel, it becomes possible to abandon the mass of security requirements, accordingly, the need for very expensive operations in terms of performance will disappear - for example, switching from user mode to protected mode during system calls. To support innovations, of course, the corresponding changes will be made to the operating system.
According to preliminary estimates, the performance of applications using the new core will grow by an average of 3-4 times.
Application structures of Intel Software Guard Extensions (Intel SGX)
An updated version of Intel SGX 1.04 will be used to provide a specific application with exclusive access to the kernel. In fact, the entire core will be a protected SGX enclave, to which there is no access to other applications, regardless of the current level of their rights. Of course, such a scheme of work will require a significant change in the OS, but Intel has the corresponding experience in developing similar components for Xeon Phi.
Of course, the new functionality will be in demand by software manufacturers and end users, respectively, for its use is expected to be charged. After a simple online payment process, users will receive the generated electronic key necessary for the application to access the new core.
Intel is very serious about protecting the personal data of users, so payment will be possible not only with traditional money, but also with bitcoins.
Upd. When reading, please pay close attention to the version of Intel SGX or to the date of creation of this post - at your request