© 2020 Dimitrios Skarlatos RETHINKING COMPUTER ARCHITECTURE AND OPERATING SYSTEM ABSTRACTIONS FOR GOOD & EVIL BY DIMITRIOS SKARLATOS DISSERTATION Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate College of the University of Illinois at Urbana-Champaign, 2020 Urbana, Illinois Doctoral Committee: Professor Josep Torrellas, Chair Professor Christopher W. Fletcher Professor Nam Sung Kim Professor Christos Kozyrakis, Stanford University Dr. Vijayaraghavan (Ravi) Soundararajan, VMware Professor Tianyin Xu Abstract Computing systems are undergoing a radical shift, propelled by stern security requirements and an unprecedented growth in data and users. This change has proven to be abstraction break- ing. Current hardware and Operating System (OS) abstractions were built at a time when we had minimal security threats, scarce compute and memory resources, and limited numbers of users. These assumptions are not representative of today’s computing landscape. On one hand, modern virtualization technologies have enabled the new cloud paradigms of serverless computing and microservices, which have in turn lead to the sharing of computing resources among hundreds of users. On the other hand, attacks such as Spectre and Meltdown have shown that current hardware is plagued by critical vulnerabilities. In this new era of computing, it is urgent that we question the existing abstractions of the OS and hardware layers and rethink their synergy from scratch. This thesis takes the first steps toward answering this question, while following two central themes: (a) uncovering security vulnerabilities and building defenses at the boundary between hardware and OS, and (b) re-designing abstractions and interfaces between the two layers to im- prove performance and scalability. In the first theme, this thesis introduces Microarchitectural Re- play Attacks, a new class of attacks that de-noise nearly arbitrary microarchitecture side-channels. In addition, it proposes Jaimais Vu, the first defense against microarchitectural replay attacks. Jaimais Vu uses either hardware only or compiler and OS-assisted techniques. The thesis also develops the Draco OS and hardware mechanisms for low-overhead protection of the system call interface by caching validated system calls and arguments. In the second theme, this thesis proposes Elastic Cuckoo Page Tables, a radical rethink of vir- tual memory translation that enables high translation parallelism. Ongoing work aims to bring the benefits of Elastic Cuckoo Page tables to virtualized environments. This thesis also enhances the scalability of lightweight virtualization by developing the BabelFish mechanisms to share virtual memory translation resources across container processes. Finally, this thesis proposes the Page- Forge extensions to modern hypervisors for scalable page merging in virtualized environments. ii To my mother and sister, for their unconditional love and support. iii Acknowledgments “The Pursuit of Happyness” would be the ideal way to describe my Ph.D. journey. Over the past six years I was fortunate enough to grasp my passion for research. This would not have been feasible without the support and guidance of countless people that transformed my life forever. Undeniably, this thesis would not have been possible without the unwavering support and men- torship from my advisor Professor Josep Torrellas. I could not have asked for a better advisor. His unparalleled dedication to research was the driving force for me. During my studies, Josep provided ample freedom to pursue any research direction I was passionate about and enabled me to integrate multiple areas of research into my studies. He patiently listened to all my vague ideas and helped shape them into concrete research projects. This journey was not always easy, but he was always there. He taught me how to have a thick skin and keep going through fearlessly. More importantly, he taught me how to be polite and thoughtful and to listen carefully. Every time I needed advice no matter the day or time, Josep was available to guide me through any challenge. Over the years he tirelessly taught me everything I know about research. Working with Josep made me realize my love for research and for that I will be forever grateful. Next, I would like to thank Professors Chris Fletcher and Tianyin Xu. My Ph.D. journey would not have been as productive and fruitful without them. Chris is the sole reason for my engagement with security research. His ability to motivate his collaborators is second to none. Despite the research roadblocks, Chris managed to inspire everyone and made research truly fun even when nothing worked. I will always remember our amazing brainstorming sessions and whiteboard craziness. I only had the chance to work with Tianyin during the last two years of my Ph.D. I would like to thank him for his endless support during those years and especially for our late-night conversations on slack about research, academia, and life. Tianyin turned system’s research into pure joy and I truly hope that some of his unique mentoring skills and his approach to students will stick with me. I would also like to thank my external thesis committee members Professor Christos Kozyrakis, Dr. Ravi Soundararajan, and Professor Nam Sung Kim. I always looked up to Christos since my undergraduate days and I was extremely happy when he accepted to serve on my committee. I would like to thank him for his advice and support on how to best embark on the academic journey and his motivation to pursue my goals without any hesitation. This thesis might not have been on cloud computing if it wasn’t for Christo and Christina’s work that inspired me to pursue this direction. I was fortunate to meet Ravi during my internship at VMware. He paid ceaseless attention to my work and constantly provided actionable feedback throughout my internship. I iv learned a great deal from Ravi on how to operate in the workspace and how to provide useful and direct feedback. I started working with Nam Sung when I arrived at University of Illinois at Urbana-Champaign (UIUC). I learned several valuable lessons from him about how to efficiently present my work and how to combine complex circuit technologies with my research. The i-acoma group was pivotal to the completion of this thesis. I would like to thank all my labmates: Adi, Bhargava, Mengjia, Tom, Tanmay, Yasser, Jiho, Raghav, Andy, Antonio, Azin, Apo, Serif, Neil, Houxiang, Namrata, Nam, Jovan, and Antonis. Together we shared priceless moments in the office, discussing research ideas, surviving submission deadlines, battling with reviewer 2, and enjoying group lunch. I would also like to thank Adi, Jiho, Azin, Apo, Serif, Neil, Riccardo, Namrata, Jovan, Umur, Qingrong, and Jianyan for all the projects we worked on together during my studies. I would especially like to thank Bhargava and Mengjia for making the office an extremely fun environment, for collaborating with me on several projects, and for tirelessly listening to me complain about everything. I learned a lot from them, and I look forward to collaborating (complaining) with them for years to come. Without the amazing mentors during my undergraduate studies, this journey would not have started in the first place. Professor Dionisis Pnevmatikatos introduced me to the world of com- puter architecture research and meticulously mentored me during my years in Crete. Everything started with an internship at FORTH where, under the guidance of Dionisis and Professor Polyvios Pratikakis, my first ever workshop paper became reality. Professors Apostolos Dollas and Giannis Papaefstathiou were there every step of the way and were available to work with me on several projects that sparked my passion for research. Next, I would like to thank all my friends for making this goal worth pursuing. First, my friends from Greece who gave me constant support during my studies despite the physical distance and time difference. Specifically, I would like to thank Panos, Zoi, Stathis, Mixalis, Elli, Panagiotis, Lena, Giouli, and Silena. Being away from home is difficult and our chats on “Skorpioxori” kept me going. I look forward to our next reunion and holidays together at Parasol. Especially, I would like to thank Panos for all the calls we had over the years, for always being there, and of course, for our roadtrip in California. Second, a warm thank you to Filippos, Mitsos, Giorgos, and Panos. Since the day we met back in Crete you were there for me and for that I will be forever grateful. I would not have made it through undergrad without you. Filippos was a pillar of support during the last years of this journey with almost daily phone calls and need for speed and rocket league sessions. Mitsos, Giorgos, and Panos kept me on track with their friendship and by constantly reminding me what really matters in life. Work is just a part of it. During my six years at Chambana, I was fortunate to forge life-lasting friendships. I would like to wholeheartedly thank Dimitris, Elena, and Soteris which I consider family. I would not have v made it through this journey without you. Dimitris and Elena always pushed me to become a better person through constant bickering and unconditional love. Whatever I say about Soteris will not be enough and perhaps I should write a book about our adventures. From roadtrips across the U.S., to hospital rooms, to weekend nights in Chambana, thank you for everything Soto. In addition, I would like to thank Dimitris and Nikos. I was fortunate to meet you during the last few years of this journey. I cherish our friendship, our nights at Legends with all the Greek community, and above all the one of a kind roadtrip to Iowa. Alex was perhaps the first person I met at UIUC. Although he had to leave soon enough, my first year in Chambana would not have been half as fun without him and Tercel.