Researchers from Intel have detailed about a new type of computer memory dubbed ‘Speculative-Access Protected Memory' (SAPM) that protects against speculative execution side-channel attacks, such as Meltdown, Spectre, L1TF, SGXSpectre, SWAPGSAttack, Zombieload, MDS, and others.
About SAPM Memory
Intel’s STORM (STrategic Offensive Research & Mitigations) team designed the SAPM memory for mitigating the speculative execution side-channel attacks that leak secret from cache/memory.
“SAPM can beapplied to specific memory ranges, with the attribute that any memory access to such memorytype will be instruction-level serialized, meaning that any speculative execution beyond theSAPM-accessing instruction will be stopped pending the successful retirement of this SAPM-accessing instruction,” researchers explained in the research paper.
There are various methods to implement SAPM that are architecture and micro-architecture specific. For example, in modern processors with pipeline and OOO execution, instructions are fetched in order, executed out-of-order, and retired in order to take effect architecturally.
Thus, the speculative execution beyond SAPM-accessing instruction cannot happen until the successful retirement of this instruction, thereby preventing any speculative execution side-channel attacks that leak secret from memory.