Introducing the Confidential Compute Architecture

Over the last few years, security, and hardware security breaches in particular, have been at the forefront of the news, with vulnerabilities such as Spectre, Meltdown, and all of their sibling side-channel attacks showing that there is a fundamental need to rethink how we approach security. One way Arm wants to address this overarching issue is to re-architect how secure applications work, with the introduction of the Arm Confidential Compute Architecture (CCA).

Before continuing, I want to warn that today’s disclosures are merely high-level explanations of how the new CCA operates, with Arm saying more details on how exactly the new security mechanism works will be unveiled later this summer.

The goal of the CCA is to move away from the current software stack situation, where applications running on a device have to inherently trust the operating system and the hypervisor they run on. The traditional security model is built around the more privileged tiers of software being allowed, and able, to see into the execution of the less privileged tiers, which becomes a problem as soon as the OS or the hypervisor is compromised in any way.

CCA introduces the new concept of dynamically created “realms”, which can be viewed as secured, containerised execution environments that are completely opaque to the OS or hypervisor. The hypervisor would still exist, but would be solely responsible for scheduling and resource allocation. The realms would instead be managed by a new entity called the “realm manager”, a new piece of code that is supposed to be roughly 1/10th the size of a hypervisor.

Applications within a realm would be able to “attest” the realm manager in order to determine that it can be trusted, which isn’t possible with, say, a traditional hypervisor.

Arm didn’t go into more depth on what exactly creates this separation between the realms and the non-secure world of the OS and hypervisor, but it did sound like hardware-backed address spaces which cannot interact with each other.

The advantage of using realms is that it vastly reduces the chain of trust of a given application running on a device, with the OS effectively dropping out of the application’s trusted computing base: the hypervisor still controls scheduling and resource allocation, so it can still deny a realm service, but it can no longer read or tamper with the realm’s state. Mission-critical applications that require supervisory controls would be able to run on any device, as opposed to today’s situation where corporations or businesses require one to use dedicated devices with authorised software stacks.

Not new to v9 but rather introduced with v8.5, MTE (Memory Tagging Extension) is aimed at helping with two of the most persistent security issues in the world’s software. Buffer overflows and use-after-free bugs have been part of software for the past 50 years, and can take years to be identified or resolved. MTE helps identify such issues by tagging memory in 16-byte granules at allocation time, storing a matching tag in the unused top bits of the pointer, and having the hardware check that the two tags agree on every load and store; a mismatch raises a fault instead of silently corrupting memory.
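To make the tag check concrete, the following is an added example (not Arm’s code and not the hardware implementation) that models MTE in plain C so it runs on any host: memory is tagged in 16-byte granules with a 4-bit tag, the matching tag lives in bits 59:56 of the pointer, and every load and store compares the two. The toy heap, the bump allocator, the xorshift tag generator (standing in for the IRG instruction) and the `mte_*`/`demo_*` function names are all constructed for the illustration; the check itself is what real MTE hardware performs on each access.

```c
/* Software model of Arm MTE tag checking. Added illustration, not Arm's code
 * and not the hardware implementation: the "hardware" check is a C function,
 * the "heap" is a static array, and the allocator is a toy bump allocator. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define GRANULE    16
#define HEAP_SIZE  4096
#define NGRANULES  (HEAP_SIZE / GRANULE)

typedef uint64_t tptr;                 /* tagged pointer: tag in bits 59:56, heap offset below */

static uint8_t  heap[HEAP_SIZE];       /* constructed toy heap */
static uint8_t  tag_mem[NGRANULES];    /* "tag memory": one 4-bit tag per 16-byte granule */
static size_t   next_free;             /* bump allocator cursor, in granules */
static uint32_t rng = 0x2545F491u;     /* xorshift state, stands in for the IRG instruction */

static uint8_t tag_of(tptr p)                { return (uint8_t)((p >> 56) & 0xF); }
static size_t  addr_of(tptr p)               { return (size_t)(p & 0x00FFFFFFFFFFFFFFull); }
static tptr    make_ptr(size_t a, uint8_t t) { return ((tptr)t << 56) | (tptr)a; }

static uint8_t random_tag(void) {
    rng ^= rng << 13; rng ^= rng >> 17; rng ^= rng << 5;
    return (uint8_t)(rng & 0xF);
}

/* malloc: round up to whole granules, pick a fresh tag (never equal to the
 * neighbouring granule's tag, so a linear overflow is always caught), write it
 * to tag memory (the STG instruction) and return a pointer carrying the same tag. */
tptr mte_malloc(size_t n) {
    size_t granules = (n + GRANULE - 1) / GRANULE;
    if (granules == 0) granules = 1;
    if (next_free + granules > NGRANULES) return 0;
    uint8_t t = random_tag();
    if (next_free > 0 && t == tag_mem[next_free - 1]) t = (uint8_t)((t + 1) & 0xF);
    for (size_t g = 0; g < granules; g++) tag_mem[next_free + g] = t;
    tptr p = make_ptr(next_free * GRANULE, t);
    next_free += granules;
    return p;
}

/* free: re-tag the granules with a different tag so any stale copy of the
 * pointer (use-after-free) now mismatches. Memory is not reused in this toy. */
void mte_free(tptr p, size_t n) {
    size_t first = addr_of(p) / GRANULE;
    size_t granules = (n + GRANULE - 1) / GRANULE;
    if (granules == 0) granules = 1;
    for (size_t g = first; g < first + granules && g < NGRANULES; g++)
        tag_mem[g] = (uint8_t)((tag_mem[g] + 1 + random_tag() % 15) & 0xF); /* +1..+15: never the same */
}

/* Tag-checked byte store/load. Returns false on a tag mismatch (real hardware
 * raises a tag check fault) and leaves memory untouched. */
bool mte_store8(tptr p, uint8_t v) {
    size_t a = addr_of(p);
    if (a >= HEAP_SIZE || tag_of(p) != tag_mem[a / GRANULE]) return false;
    heap[a] = v;
    return true;
}
bool mte_load8(tptr p, uint8_t *out) {
    size_t a = addr_of(p);
    if (a >= HEAP_SIZE || tag_of(p) != tag_mem[a / GRANULE]) return false;
    *out = heap[a];
    return true;
}

/* Correct code: in-bounds writes and reads succeed, no false positives. */
bool demo_in_bounds(void) {
    tptr p = mte_malloc(32);
    for (size_t i = 0; i < 32; i++) if (!mte_store8(p + i, (uint8_t)i)) return false;
    uint8_t v;
    return mte_load8(p + 31, &v) && v == 31;
}

/* Linear overflow: a 32-byte fill into a 16-byte buffer. Returns how many of
 * the 32 stores faulted; the 16 that land in the neighbour's granule do. */
int demo_overflow(void) {
    tptr a = mte_malloc(16);
    tptr b = mte_malloc(16);   /* adjacent allocation, guaranteed different tag */
    (void)b;
    int faults = 0;
    for (size_t i = 0; i < 32; i++) if (!mte_store8(a + i, 'A')) faults++;
    return faults;
}

/* Use-after-free: the stale pointer still carries the old tag. Returns 1 if
 * the dangling load was caught. */
int demo_uaf(void) {
    tptr p = mte_malloc(16);
    mte_store8(p, 0x41);
    mte_free(p, 16);
    uint8_t v;
    return mte_load8(p, &v) ? 0 : 1;
}

int main(void) {
    printf("in-bounds ok: %d\n", demo_in_bounds());
    printf("overflow stores faulted: %d of 32\n", demo_overflow());
    printf("use-after-free caught: %d\n", demo_uaf());
    return 0;
}
```

Two points a practitioner should take from the model: with only 4 tag bits, a wild pointer that lands on an unrelated granule has a 1-in-16 chance of matching by accident, so MTE is a probabilistic detector rather than a complete bounds check; the allocator’s job of excluding the neighbouring tag (done above in `mte_malloc`) is what makes the common linear overflow case deterministic.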

74 Comments
  • melgross - Saturday, April 10, 2021 - link

    Yes, before ARM had even announced their 64 bit core was suitable for anything other than the servers it was aimed at, Apple came out with their 2 core version in the A7, shocking the entire industry.

    I would be surprised if they use this in their A15 later this year.
  • ballsystemlord - Tuesday, March 30, 2021 - link

    They want to include ray-tracing?! Mobile phones, the biggest market I'm aware of for ARM GPUs, are not even able to afford to include the complete GPU+CPU+caches. They use too much area and power to work in that form factor.
    How on earth would they get ray-tracing in there too?
  • grant3 - Wednesday, March 31, 2021 - link

    My layman's understanding of the ARM ecosystem is they're not exclusively for use in mobile phones. And that licensees can design different processors, with different tradeoffs, to suit different purposes.

    So perhaps it's unlikely that someone will design an ARM chip with raytracing silicon for mobile phones any time soon.

    But it certainly seems plausible that sometime in the next 5-10 years, someone shall be interested in building a different kind of device with a -larger- form factor that has the thermal and power consumption envelope to support a ray-tracing enabled ARM processor.
  • ballsystemlord - Wednesday, March 31, 2021 - link

    Good point. They could be just future proofing themselves and allocating some IP so that they can compete.
  • iphonebestgamephone - Thursday, April 1, 2021 - link

    Huawei had worked on raytracing on android, shown in some demos.

    https://www.reddit.com/r/Android/comments/eczftf/n...

    It's not like raytracing means it looks like what's shown using an RTX 3080.
  • dicobalt - Wednesday, March 31, 2021 - link

    So long as the operating system running on the ARM chip is capable of updating itself. No ridiculous Android philosophy of placing this task in the hands of inept OEMs. We're gonna need a real OS like Windows, Linux, or even MacOS.
  • Findecanor - Friday, April 2, 2021 - link

    Don't attribute to ineptitude what can be adequately explained by malice. The OEMs want you to buy new hardware when your banking app no longer works.
  • Silver5urfer - Wednesday, March 31, 2021 - link

    Ah, the good old x86 death threat comments, how long has it been since the last one? Anyways AI is not going to dethrone x86, everyone is going to buy the leader's chips - Nvidia or they will make their own, also Intel has FPGA and Xilinx has FPGA as well, a.k.a AMD. So they can build specialized cores whenever they feel like it.

    Apple is not competing in the server space, so they cannot touch AMD and Intel volumes in x86, all they do is Consumer business, all their servers also run on x86 lmao. The ARM dominance over x86 doesn't exist, as per the server market share it doesn't come close, since over 95% it is x86, and AMD is now slowly taking away Intel's share of Xeon with EPYC series.

    So far no ARM processor beat EPYC Rome, next the AWS Graviton2 is excl. to Amazon, Microshaft rumors on building own chip will be exclusive, they want centralization of the power into their ecosystem because oil's age of power is over. Anyways, so what's left? Google? hah the incompetent and politically radicalist nature of them is utter stupid and their castration of Android is unforgettable. They are simply moving all AOSP into Google services turning it into another Apple walled garden, and their HW is pathetic, only agenda is dumbing down. So ARM works there because the phones can only run on ARM HW. Yes they outnumber desktop parts by a huge margin, still the world relies on x86 computing, even if the SW is dumbed down (Win10 UWP etc.. Mac OS into phone hybrid OS, less power user features) there's a massive market of Dell / HP / Lenovo / Supermicro / Gigabyte who all cater to x86 ONLY. So the hero ARM doesn't have an OEM lol. That latest 80C Altra Ampere ofc is available but it's weak vs AMD. Intel IceLake Xeon is coming as well, and fat stacks already went to the CTOs to get Intel HW only, Marvell Thunder? Last time I heard they were going to build custom chips, Fujitsu A64FX? custom. Oh I forgot, Nuvia, Qualcomm swallowed them so they are going to resurrect Centriq? after how they axed all custom in house designs with it and pushing only ARM cores on Android.. I guess so.

    Finally what does ARM provide? more custom bs where you cannot do anything since the OEM owns your HW top to bottom and cannot have good backwards compat because the SW is made for dumbed down users? hint - Surface SQ2, to be honest even x86 Surface has highly locked down HW. MacBooks? everything soldered down and locked down, what else do consumers have to rave so hard about ARM, I suppose Raspberry Pi which is going to dethrone x86 (Pi is amazing HW, not doubting at all, but people have to realize what is it that ARM is providing to them over x86 in both HW and SW stack and user customization). Finally the Switch, it is huge in numbers and a new HW is on the horizon for the DLSS equipped HW Pro edition but is it comparable to the AMD SoC in Xbox and PS? nope.

    But yeah x86 is going to die lmao.
  • viktorcode - Wednesday, March 31, 2021 - link

    I would love to archive this comment for posterity...
  • Wilco1 - Wednesday, March 31, 2021 - link

    "So far no ARM processor beat EPYC Rome, next the AWS Graviton2 is excl. to Amazon"

    If you had bothered to read the Milan review, you would know that Ampere Altra not only outperforms Rome by a good margin, but matches Milan as well (1% faster on 1S SPECINT_rate). All that with a 2-year old core and 1/8th of the cache... ~15% of AWS is now Graviton and still growing fast, so it is obviously displacing a huge amount of x86 servers.
