Skip to content Skip to navigation
PhD Defense
9/6/2018 01:00 pm
CoRE A (301)

Improving and Complementing Virtual Memory Using Hardware Techniques

Guilherme Mota Cavalcanti Acox, Dept. of Computer Science

Defense Committee: Prof. Abhishek Bhattacharjee (Chair), Prof. Vinod Ganapathy, Prof. Uli Kremer, and Daniel Lustig, Ph.D. (NVIDIA Research)


Virtual memory is a decades-old abstraction and is found ubiquitously in all scales of computing today. Despite its maturity, however, virtual memory faces critical performance and security challenges. This thesis aims to address these challenges. The first challenge we address is the growing performance overheads faced by virtual memory as workloads continue demanding ever-increasing amounts of memory. The key cause of these rising overheads is address translation -- virtual memory fundamentally relies on translating program virtual memory addresses to physical addresses. Performing fast address translation requires the design of fast and efficient hardware translation caches. Unfortunately, these caches are facing increasing pressure with the rise of "big data" workloads. This thesis proposes a range of hardware mechanisms to improve the performance of translation cache hardware. The second challenge we address pertains to the security mechanisms offered by the virtual memory abstraction through memory protection and process isolation. While useful for standalone systems, remote attacks have exploited virtual memory vulnerabilities. Attackers can consequently corrupt the operating system, ultimately gaining control of the entire machine. Therefore, there is a need for a holistic security solution that includes all the memory, along with the data structures that maintain virtual memory. We propose low-overhead mechanisms that act in a complementary manner with virtual memory to enable higher security. This hardware snapshots memory, so that we can enable faster/better memory forensics to enhance system security. Both sets of studies highlight key themes across this thesis. For example, one unifying theme of our work is to build mechanisms in hardware that are transparent to application developers and systems programmers. Another unifying theme is ease of implementation -- we deliberately use hardware mechanisms that require modest modifications to hardware, and in situations when the modifications are more substantial, we formally verify the correctness of our approach. Finally, we quantify the benefits of our approaches using not only software modeling of our proposed hardware (like most architecture studies), but also go beyond by profiling real systems.