DescriptionVirtual memory is a classic computer science abstraction and is ubiquitous in all scales of computing today. However, despite years of research, virtual memory faces critical performance and security challenges. This thesis aims to address these challenges. The first challenge we address is the growing performance overheads faced by virtual memory as workloads continue demanding ever-increasing amounts of memory. The key culprit of these overheads is address translation, the mechanism by which virtual memory translates a program's virtual addresses to physical addresses. Performing fast address translation requires the design of fast and efficient hardware translation lookaside buffer (TLB) caches. Unfortunately, TLBs struggle to perform efficiently for ``big data" workloads. This thesis proposes a range of hardware mechanisms to improve TLB performance. The second challenge we address pertains to the security mechanisms offered by the virtual memory abstraction through memory protection and process isolation. Despite their utility, protection/isolation are insufficient to avoid important classes of remote attacks. Attackers can corrupt the operating system and thereby gain control of the entire machine. Therefore, there is a need for security mechanisms complementary to those provided by virtual memory. We propose low-overhead mechanisms achieve this. Our approach is to build hardware that can snapshot physical memory in an efficient manner, so that we can enable faster/better memory forensics to enhance system security.
Both sets of studies highlight some important themes in this thesis. One unifying theme of our work is to build hardware mechanisms that are transparent to application developers and systems programmers. Another unifying theme is ease of implementation -- we deliberately use hardware mechanisms that require modest hardware modifications. In situations when the modifications are more substantial, we formally verify the correctness of our approach. Finally, we quantify the benefits of our approaches using not only software performance models (like most architecture studies), but also go beyond by quantifying real-system performance when possible.
NotePh.D.
NoteIncludes bibliographical references
Noteby Guilherme Mota Cavalcanti de Albuquerque Cox