Since the very beginning of 2018 a veritable flood of vulnerabilities in processor microarchitectures has been disclosed, with Meltdown and Spectre leading the parade. Security researchers have since added L1TF, SGXSpectre, SWAPGSAttack, ZombieLoad and the other MDS variants, and more, all found while studying side-channel attacks on the processors' speculative execution mechanisms.
These vulnerabilities, and others not yet discovered, have been lurking for years, even decades, in branch prediction algorithms and in the other mechanisms a processor uses to process and store data. Researchers have finally got around to them, and the whole carefully balanced design of high-performance processors built on speculative execution has faltered. Patches address the problem after a fashion, but they noticeably reduce processor performance. Nobody has a complete answer yet, but Intel has spent a couple of years developing approaches to efficient protection against side-channel attacks. One of them is the concept of Speculative-Access Protected Memory (SAPM).
The complete SAPM proposal document can be found here. So far it is only a concept, without details or a concrete implementation, let alone an embodiment in silicon. It is being developed by STORM (STrategic Offensive Research & Mitigations), an elite group of Intel security specialists set up in 2017 to counter vulnerabilities and threats to modern computing platforms.
The idea behind SAPM is a memory type that, through a special attribute, forces the processor into serialized execution around accesses to it. Once an instruction accesses SAPM memory, the instructions that follow it (other than further SAPM accesses) are not allowed to proceed speculatively until that access has been confirmed as legitimate; if it turns out not to be trusted, the pending speculative work is discarded. In effect the speculation barrier that software currently has to insert by hand becomes a property of the protected memory itself.
The STORM team acknowledges that this will still cost processor performance, but far less than today's software patches against Meltdown, Spectre and the related vulnerabilities. Ultimately, the main defenses against side-channel attacks would move into the processor as hardware blocks, which should bring performance back to an acceptable level.
As the basis for the SAPM concept, the researchers observe that speculative side-channel attacks can be divided roughly into a front-end and a back-end: the front-end is whatever triggers the speculative execution (for instance a mispredicted branch or a faulting load), and the back-end is the part that turns the speculatively accessed data into an observable side effect, typically a cache footprint. The back-end mechanisms, executing inside the processor, are much alike from one attack to the next, so a single hardware unit (architecture) could mitigate that whole class of threat. You can learn more about the concept at this link (document in English).
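The front-end/back-end split above, and the serialization SAPM would impose, are easiest to see on the classic bounds-check-bypass gadget. The following is an added C illustration written for this page; it is not Intel's or STORM's code, nothing in it is taken from the SAPM document, and SAPM itself has no implementation to show. The sample array, the `probe` buffer, `mask_index` and the three `gadget_*` functions are constructed for the example. The unfenced gadget shows both halves of an attack: the front-end is a bounds check the branch predictor can mispredict, the back-end is a secret-dependent load into a cache-line-indexed probe array. The two hardened variants show the software mitigations the article says cost performance today: an `lfence` that serializes execution behind the check (roughly what SAPM would attach to the memory region in hardware), and Linux-kernel-style branchless index masking.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <limits.h>

/* Constructed sample data (not from the article): a small public array. In a
 * real gadget the bytes an attacker reads transiently lie just beyond it. */
#define PUBLIC_LEN 16
static uint8_t public_data[PUBLIC_LEN] = {
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
};

/* Back-end of the attack: one cache line per possible byte value. A
 * secret-dependent load into probe[] leaves a footprint that Flush+Reload
 * timing can read back later. volatile keeps the compiler from folding or
 * dropping the access. */
#define LINE 64
static volatile uint8_t probe[256 * LINE];
static volatile uint8_t sink;

/* Speculation barrier. On x86, lfence does not let later instructions
 * execute until all earlier ones have completed; on other targets this is
 * only a compiler barrier and the hardware point does not carry over. */
static inline void speculation_barrier(void)
{
#if defined(__x86_64__) || defined(__i386__)
    __asm__ __volatile__("lfence" ::: "memory");
#else
    __asm__ __volatile__("" ::: "memory");
#endif
}

/* Branchless index clamp in the style of the Linux kernel's
 * array_index_nospec(): returns idx when idx < len, 0 otherwise, using only
 * unsigned arithmetic so there is no branch for the predictor to skip.
 * Assumes len > 0. */
static inline size_t mask_index(size_t idx, size_t len)
{
    /* t has its top bit clear exactly when 0 <= idx <= len - 1 (no wrap). */
    size_t t = idx | (len - 1 - idx);
    size_t mask = 0 - ((~t) >> (sizeof(size_t) * CHAR_BIT - 1));
    return idx & mask;
}

/* Front-end of a bounds-check-bypass (Spectre v1) gadget. The branch may be
 * predicted "in bounds" for an out-of-range idx, so both loads can run
 * transiently on a byte past public_data before the check resolves. */
uint8_t gadget_unfenced(size_t idx)
{
    if (idx < PUBLIC_LEN) {
        uint8_t v = public_data[idx];
        sink = probe[(size_t)v * LINE];
        return v;
    }
    return 0;
}

/* Software mitigation 1: serialize behind the check. Nothing after the
 * barrier executes until the branch has resolved, so a mispredicted path
 * never reaches the loads. SAPM would make this serialization a hardware
 * property of the protected memory region rather than a barrier the
 * programmer has to remember to place. */
uint8_t gadget_fenced(size_t idx)
{
    if (idx < PUBLIC_LEN) {
        speculation_barrier();
        uint8_t v = public_data[idx];
        sink = probe[(size_t)v * LINE];
        return v;
    }
    return 0;
}

/* Software mitigation 2: masking. Even on the mispredicted path the index
 * is clamped into the array, so the transient load reads nothing secret. */
uint8_t gadget_masked(size_t idx)
{
    if (idx < PUBLIC_LEN) {
        idx = mask_index(idx, PUBLIC_LEN);
        uint8_t v = public_data[idx];
        sink = probe[(size_t)v * LINE];
        return v;
    }
    return 0;
}

int main(void)
{
    /* Architecturally all three agree; they differ only in what may execute
     * transiently for an out-of-range index such as PUBLIC_LEN + 40. */
    printf("in range : %u %u %u\n", gadget_unfenced(3), gadget_fenced(3), gadget_masked(3));
    printf("out range: %u %u %u\n", gadget_unfenced(PUBLIC_LEN + 40),
           gadget_fenced(PUBLIC_LEN + 40), gadget_masked(PUBLIC_LEN + 40));
    return 0;
}
```

The three gadgets return identical values for every input; the difference is invisible to a functional test and lives entirely in what the core may execute transiently, which is exactly why the article's "server side" (back-end) is the attractive place for a hardware fix: the probe access pattern is the same whatever front-end triggered the speculation.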