Intel SAPM, a memory to protect yourself from attacks like Specter and Meltdown

Intel is working on a new type of memory thought to safeguard the processors and consequently the computers from side-channel attacks on speculative execution, which have made a lot of talk in recent years, starting from Specter and Meltdown, to get to MDS and SWAPGS more recently.

These attacks exploit vulnerabilities in the way processors manage speculative execution, a technique used by most modern processors to optimize performance.

To improve performance, CPUs may choose to execute instructions speculatively, based on assumptions considered likely. During speculative execution, the processor tests these hypotheses: if they are valid, execution continues. If they are not, execution is blocked and the correct execution path can be started based on the actual conditions.

This modus operandi allows to have better performances in many cases, especially if the hypotheses are guessed frequently. However, as we learned from 2017, speculative execution can have side effects, because when the CPU makes wrong assumptions it can potentially expose certain types of data through what is called a “side channel”.

Intel CPUs are the most affected by this problem and the company has worked hard to remedy the situation through fixes to the software part – operating system and firmware – but also with interventions directly in hardware regarding the most recent architectures.

A research paper published last week shows that Intel is also working on other solutions. SAPM, which stands for Speculative-Access Protected Memory, it's a new type of memory which could replace the current CPU memory system.

SAPM is the job of Intel STORM (STrategic Offensive Research & Mitigations), a team of top-level security researchers that Intel assembled in 2017 to work on mitigation of speculative attacks. SAPM at the moment it's just an idea and there are no silicon chips to concretely evaluate countermeasures.

Intel engineers released the research to do it “Foundation for other researchers and industry”, And emphasized that SAPM works with both physical and virtual memory addresses.

“SAPM can be applied to specific memory ranges, with the attribute that any memory access to that type of memory will be serialized at the instruction level, ie that any speculative execution beyond the SAPM access instruction will be suspended pending the correct withdrawal of this SAPM access instruction “.

The researchers say their “proposal offers more flexibility to software” by shifting most of the barriers against speculative hardware attacks. The idea is that most attacks can be divided into two parts: the “frontend” part of the exploit code and its “backend”.

Intel claims that the second part (backend) of most attacks performs the same actions that SAPM can block. And it is precisely this ability that should guarantee the effectiveness of SAPM also against future attacks.

It arises however the problem of the performance impact on the CPU: researchers do not deny that there is a drop in performance, but it should be content and could be further reduced by abandoning existing protections.

“Although the performance cost for each access to memory to SAPM is relatively high, considering that these operations represent only a small part of the total software execution, we expect the overall performance overhead to be low and potentially lower than the impact of current mitigation“Concluded the researchers.