No-FAT and ZeRØ To The Rescue?
Researchers at the Columbia University School of Engineering and Applied Science have some great news … theoretically anyways. ZeRØ adds a new set of memory instructions as well as and a new encoding scheme for metadata which are designed specifically to protect the code accessing memory as well as the pointers. The paper suggests that the changes to processor architecture to be compatible with ZeRØ are only relatively minor, which does mean it won’t be implemented on current generation chips.
There is the question of what exactly they mean by minor changes, and the cost of implementation for AMD, Intel, Qualcomm and the like. The benefit is rather tempting however, they named it ZeRØ as that is the amount of performance impact to expect from this mitigation. Considering the performance impact applying all current Spectre and Meltdown mitigations have on a system, making those changes will be seriously tempting.
No-FAT on the other hand will boost the speed of fuzzing analyses of data moving inside memory or between the CPU and memory, which is the process used to detect attacks in real time. It also adds it’s own protections against Spectre and Meltdown in addition to reducing the performance cost of detecting attacks.
The Register has links to presentations covering both of these theoretical defences, if you aren’t already sick of online presentations today after watching the Windows 11 reveal.
We believe that memory safety continues to be a problem because it does not distribute the burden in a fair manner among software engineers and end-users. With these two papers, we believe we have found the right balance of burdens.