mtl 坂井・五島研究室 修士1年 46424 豊島 隆 志...
TRANSCRIPT
MTL 坂井・五島研究室 修士1年 46424 豊島 隆志
新たな高信頼アーキテクチャに向けた研究 A First Step Towards A Novel Dependable
Architecture
MTL坂井・五島研究室
Contents
Background A Novel Architecture
– Overview– Details
Code Translation– History– Consideration
Ideas for Dependability Future Works
MTL坂井・五島研究室
Background – Requirements and Adhoc supplies
Dependability Requirements– Reliability, Availability ,Serviceability (RAS)
Studies of Architecture Level Support– Academic studies
Architecture Support for Defending Against Buffer Overflow Attacks; Jun Xu and Zbigniew Kalbarczyk and Sanjay Patel and Ravishankar K. Iyer; Proceedings of 2nd Workshop on Evaluating and Architecting System dependabilitY (EASY), 2002
Enlisting Hardware Architecture to Thwart Malicious Code Injection; Ruby B. Lee and David K. Karig and John P. McGregor and Zhijie Sh; Proceedings of 1st International Conference on Security in Pervasive Computing (SPC), 2003
A Processor Architecture Defense against Buffer Overflow Attacks; John P. McGregor and David K. Karig and Zhijie Shi and Ruby B. Lee; Proceedings of IEEE International Conference on Information Technology: Research and Education (ITRE), 2003
– Commercial products ARM SecureCore SmartMIPS ASE IA-32 NXBit
Symptomatic
andImperfect
MTL坂井・五島研究室
Contents
Background A Novel Architecture
– Overview– Details
Code Translation– History– Consideration
Ideas for Dependability Future Works
MTL坂井・五島研究室
A Novel Architecture - Overview
Tag Memory
Main Bus
Data Cache
Translation Unit(TU) Data
Control
Instructionsfor
Virtual Machine (VM)
Instruction
Data
Invalidation
Translation Request
Translated Instruction
Execution Unit(EU)
Translation Cache
Main Memory
Tag
Data & Tag
MTL坂井・五島研究室
A Novel Architecture – Details : Execution Unit
Execution Unit (EU)– Access to Data
Data Cache Main Memory and Tag Memory
– Access to Instruction Translation Cache
Tag MemoryData Cache
Translation Unit(TU)
Instructionsfor
Virtual Machine (VM)
Instruction
Data
Invalidation
Translation Request
Translated Instruction
Execution Unit(EU)
Translation Cache
Main Memory
Tag
Data & Tag
Tag MemoryData Cache
Translation Unit(TU)
Instructionsfor
Virtual Machine (VM)
Instruction
Data
Invalidation
Translation Request
Translated Instruction
Execution Unit(EU)
Translation Cache
Main Memory
Tag
Data & Tag
MTL坂井・五島研究室
Tag MemoryData Cache
Translation Unit(TU)
Instructionsfor
Virtual Machine (VM)
Instruction
Data
Invalidation
Translation Request
Translated Instruction
Execution Unit(EU)
Translation Cache
Main Memory
Tag
Data & Tag
Tag MemoryData Cache
Translation Unit(TU)
Instructionsfor
Virtual Machine (VM)
Instruction
Data
Invalidation
Translation Request
Translated Instruction
Execution Unit(EU)
Translation Cache
Main Memory
Tag
Data & Tag
A Novel Architecture – Details : Translation Unit
Translation Unit (TU)– Binary Translation
From ISA for VM To ISA for EU
– Organization Hardware Processor Translation Software
– Rapid Translation– Optimization of Translation Cache
MTL坂井・五島研究室
Contents
Background A Novel Architecture
– Overview– Details
Code Translation– History– Consideration
Ideas for Dependability Future Works
MTL坂井・五島研究室
Sequencer
ROM
Code Translation - History : microprogrammed control
IBM System/360– At April 7, 1964
Motorola MC680x0– nanoprogram– nanoarchitecture
Instruction
Op.Code
Control Memory Address
Control Memory (CM)
Microprogramfor
Op.X
Microprogramfor
Op.Y
Microprogramfor
Op.Z
Micro architecture
MTL坂井・五島研究室
Code Translation - History : Pentium4 (NetBurst)
Front End
Bus Unit
System Bus
3rd Level Cache (Optional)
2nd Level Cache (8-Way)
Fetch/DecodeTrace Cache
Microcode ROM
BTBs/Branch Prediction
ExecutionOut-Of-Order
CoreRetirement
Branch History Update
1st Level Cache(4-Way)
Frequently used paths
Less frequently used paths
MTL坂井・五島研究室
VLIW Inst. Ba
VLIW Inst. Da
VLIW Inst. CaVLIW Inst. Cb
VLIW Inst. AaVLIW Inst. Ab
Atom
Code Translation - History : Crusoe/Efficeon
IA-32 Inst. AIA-32 Inst. BIA-32 Inst. CIA-32 Inst. D
Memory System
Fetch
VLIWExecution core
Core Morphing Software
Inst. Ba
Inst. DaInst. Cb
Inst. AaInst. AbLight
Optimization
Inst. Ba
Inst. Da
Inst. CbInst. Aa Inst. Ab
・・・
Molecule
pack
convert
Maximum Optimization&
Cache
Hot Spot
MTL坂井・五島研究室
IA-32 Execution Layer (IA-32 EL)
Code Translation - History : Itanium series
IA-64 VLIW core
IA-32 Decoder
Operation System
IA-32Execution Layer
IA-64Application
IA-32Application
IA-32Application IA-32 Application
Cache Translation and Runtime Information
Cold C
ode
Translation
On E
xecution Tim
e
Translated Code BlockRuntime Information
Optimizer
Hot C
odeT
ranslation
Hot Spot
Runtim
e Inform
ation
MTL坂井・五島研究室
Code Translation - History : Parrot
Synchronized Commit
Trace Predict
Trace Select
TraceFill
HotFilter
I-CacheTraceCache
BranchPredict
ColdExec
HotExec
Optimizer
BlazingFilter
Fetch Selector
MTL坂井・五島研究室
Code Translation - Considerations
Requirements– ISA for Software (ISAS)
High Level Language oriented More Information with Instructions
– For Dynamic Optimizations• Performance & Reduced Power Supply
– For Dynamic Validations• Dependability
– ISA for Hardware (ISAH) Design Level Optimization
– Fixed ISA restricts Hardware Design
Impact– Answer the Above Requirements
MTL坂井・五島研究室
Contents
Background A Novel Architecture
– Overview– Details
Code Translation– History– Consideration
Ideas for Dependability Future Works
MTL坂井・五島研究室
Ideas for Dependability – Call Stack Protection
Return Address Stack is divided from Common Stack– Permission to touch Return Address Stack is limited to
… Call instruction (tacit push) Return instruction (tacit pop) Specified Push/Pop instructions for Return Address Stack
– Only address value can be pushed into Return Address Stack
return address
char buffer[1024];
int b;
int a;
Local Variables
ofFunction
Stack Frameof
Function
char buffer[1024];
int b;
int a;
Local Variables
ofFunction
Stack Frameof
Function
return address
MTL坂井・五島研究室
Ideas for Dependability – Boundary Check Acceleration
Register relative indexed addressing– Load a1, r2 ; if (i2 > b2) raise exception else a1←(a2+i2)– Store r1, a2 ; if (i1 > b1) raise exception else (a1+i1)←a2
Load Reference– Load r1, r2 ; a1←(a2+i2), b1←1(a2+i2)
b1
b2
b3
b4
i1
i2
i3
i4
a1
a2
a3
a4
Boundary reg.Index reg.Address reg.… … …
memory
a1
a1+i1
If (i1 > b1)
raise exception
b1
MTL坂井・五島研究室
Ideas for Dependability – Data Tagging
Every data is tagged based on data types– Types
Instruction Address Value Reference (A Pair of Address and Value) NULL
– Tag value is updated by specified instructions– ALU update tags automatically after calculation– If PC points a data which is not tagged as instruction,
the execution of program is stopped– When data is tagged as instruction, T$ is invalidated
MTL坂井・五島研究室
Contents
Background A Novel Architecture
– Overview– Details
Code Translation– History– Consideration
Ideas for Dependability Future Works
MTL坂井・五島研究室
Feature Works
Model of Undependability– Human error leading mechanisms– Essential Realization of Dependable Mechanisms
On ISAH or ISAS?– Which should we implement dependable mechanisms
on More Specification
– Details of Execution Unit– Outline of Translation Unit
How Evaluate– SPEC, IPC, …
MTL坂井・五島研究室
COMING SOON
MTL坂井・五島研究室
Background (1) – Moore's Law
Moore's Law– Cramming more components onto integrated circuits;
Gordon E. Moore; Electronics, Volume 38, Number 8, April 19, 1965
The Limits of Moore's Law– No Exponential Is Forever: But “Forever” Can Be Delayed!; Gordon E. Moore; IEEE
International Solid-State Circuits Conference 2003– Limits to binary logic switch scaling – a gedanken model; V.V.Cavin, R.K. Cavin II
I, J.A.Hutchby, G.I.Bourianoff; Proceedings of The IEEE Volume 91, Issue 11, Nov 2003, p1934-1939 … 16nm
– No end in sight for Moore's Law; Craig Barrett(Intel CEO) ; Intel Developer Fortum Spring 2005 Keynote Speech … 5nm
MTL坂井・五島研究室
Tag Memory
Main Bus
Data Cache
Translation Unit(TU)
Instructionsfor
Virtual Machine (VM)
Instruction
Data
Invalidation
Translation Request
Translated Instruction
Execution Unit(EU)
Translation Cache
Main Memory
Tag
Data & Tag
MTL坂井・五島研究室
ROMInstruction Op.Code
Control Memory Address
Control Memory (CM)
Microprogramfor
Op.X
Microprogramfor
Op.Y
Microprogramfor
Op.Z
Micro architecture
MTL坂井・五島研究室
Front End
Bus Unit
System Bus
3rd Level Cache (Optional)
2nd Level Cache (8-Way)
Fetch/DecodeTrace Cache
Microcode ROM
BTBs/Branch Prediction
ExecutionOut-Of-Order
CoreRetirement
Branch History Update
1st Level Cache(4-Way)
Frequently used paths
Less frequently used paths
MTL坂井・五島研究室
VLIW Inst. Ab
・・・
Inst. Ab
VLIW Inst. CaVLIW Inst. Cb
Atom
IA-32 Inst. AIA-32 Inst. BIA-32 Inst. CIA-32 Inst. D
Memory System
Fetch
VLIWExecution core
Core Morphing Software
Inst. Ba
Inst. DaInst. Cb
Inst. AaLight
Optimization
Inst. Ba
Inst. Da
Inst. CbInst. Ab
Molecule
pack
convert
Maximum Optimization&
Cache
Hot Spot
Inst. AaVLIW Inst. Aa
VLIW Inst. Ba
VLIW Inst. Da
MTL坂井・五島研究室
IA-64 VLIW core
IA-32 Decoder
Operation System
IA-32Execution Layer
IA-64Application
IA-32Application
IA-32Application
MTL坂井・五島研究室
IA-32 Application
Cache Translation and Runtime Information
Cold C
ode
Translation
On E
xecution Tim
e
Translated Code BlockRuntime Information
Optimizer
Hot C
odeT
ranslation
Hot Spot
Runtim
e Inform
ation
MTL坂井・五島研究室
Synchronized Commit
Trace Predict
Trace Select
TraceFill
HotFilter
I-CacheTraceCache
BranchPredict
ColdExec
HotExec
Optimizer
BlazingFilter
Fetch Selector
MTL坂井・五島研究室
memory
b1
b2
b3
b4
i1
i2
i3
i4
a1
a2
a3
a4
Boundary reg.Index reg.Address reg.
… … …
a1
a1+i1
If (i1 > b1)
raise exception
b1
MTL坂井・五島研究室
Tag MemoryData Cache
Translation Unit(TU)
Instructionsfor
Virtual Machine (VM)
Instruction
Data
Invalidation
Translation Request
Translated Instruction
Execution Unit(EU)
Translation Cache
Main Memory
Tag
Data & Tag
Tag MemoryData Cache
Translation Unit(TU)
Instructionsfor
Virtual Machine (VM)
Instruction
Data
Invalidation
Translation Request
Translated Instruction
Execution Unit(EU)
Translation Cache
Main Memory
Tag
Data & Tag