
Reasoning about Translation Lookaside Buffers

19 pages. Published: May 4, 2017

Abstract

The main security mechanism for enforcing memory isolation in operating systems is provided by page tables. The hardware-implemented Translation Lookaside Buffer (TLB) caches page-table entries, and therefore the TLB and its consistency with memory are security critical for OS kernels, including formally verified kernels such as seL4. If performance is paramount, this consistency can be subtle to achieve; yet, all major formally verified kernels currently leave the TLB as an assumption.
In this paper, we present a formal model of the Memory Management Unit (MMU) for the ARM architecture which includes the TLB, its maintenance operations, and its derived properties. We integrate this specification into the Cambridge ARM model. We derive sufficient conditions for TLB consistency, and we abstract away the functional details of the MMU for simpler reasoning about executions in the presence of cached address translation, including complete and partial walks.
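The consistency problem the abstract refers to is easiest to see in a model where the TLB caches not only complete translations but also partial walks (cached first-level descriptors), which is exactly where a kernel that flushes "only what it touched" goes wrong. The following toy model is an added illustration written for this page; it is not the paper's Isabelle/HOL model, and every name, table size and the direct-mapped TLB layout are hypothetical. It shows a kernel replacing the second-level table behind one first-level slot: a virtual page that was never cached as a full translation is still translated through the stale partial walk unless the TLB is invalidated, and the consistency predicate (every cached entry agrees with a fresh walk of memory) catches that.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not the paper's model: a two-level page table and a
 * TLB that caches both complete translations and partial walks.  All sizes
 * and names are hypothetical. */
#define L1_ENTRIES 4
#define L2_ENTRIES 4
#define L2_TABLES  4
#define TLB_SIZE   8
#define INVALID    0xFFFFFFFFu

typedef struct {
    uint32_t l1[L1_ENTRIES];            /* index of an L2 table, or INVALID */
    uint32_t l2[L2_TABLES][L2_ENTRIES]; /* physical page number, or INVALID */
} pagetable_t;

typedef struct { int valid; uint32_t l1idx; uint32_t l2tab; } partial_t;
typedef struct { int valid; uint32_t vpn;   uint32_t ppn;   } full_t;

typedef struct {
    partial_t partial[L1_ENTRIES]; /* cached first-level walk per L1 index */
    full_t    full[TLB_SIZE];      /* complete translations, direct mapped */
} tlb_t;

static uint32_t l1_of(uint32_t vpn) { return vpn / L2_ENTRIES; }
static uint32_t l2_of(uint32_t vpn) { return vpn % L2_ENTRIES; }

/* Uncached walk: what the page table in memory currently says. */
static uint32_t walk(const pagetable_t *pt, uint32_t vpn)
{
    uint32_t tab = pt->l1[l1_of(vpn)];
    return tab == INVALID ? INVALID : pt->l2[tab][l2_of(vpn)];
}

/* Translation through the TLB, filling partial and full entries on a miss. */
static uint32_t translate(tlb_t *tlb, const pagetable_t *pt, uint32_t vpn)
{
    full_t *f = &tlb->full[vpn % TLB_SIZE];
    if (f->valid && f->vpn == vpn) return f->ppn;

    partial_t *p = &tlb->partial[l1_of(vpn)];
    uint32_t tab;
    if (p->valid) {
        tab = p->l2tab;                 /* reuse the cached partial walk */
    } else {
        tab = pt->l1[l1_of(vpn)];
        if (tab == INVALID) return INVALID;
        *p = (partial_t){ 1, l1_of(vpn), tab };
    }
    uint32_t ppn = pt->l2[tab][l2_of(vpn)];
    if (ppn != INVALID) *f = (full_t){ 1, vpn, ppn };
    return ppn;
}

static void tlb_flush_all(tlb_t *tlb) { memset(tlb, 0, sizeof *tlb); }

/* Consistency: every cached entry agrees with a fresh walk of memory. */
static int tlb_consistent(const tlb_t *tlb, const pagetable_t *pt)
{
    for (int i = 0; i < L1_ENTRIES; i++) {
        const partial_t *p = &tlb->partial[i];
        if (p->valid && p->l2tab != pt->l1[p->l1idx]) return 0;
    }
    for (int i = 0; i < TLB_SIZE; i++) {
        const full_t *f = &tlb->full[i];
        if (f->valid && f->ppn != walk(pt, f->vpn)) return 0;
    }
    return 1;
}

/* Kernel swaps the L2 table behind L1 slot 1 after one translation under that
 * slot has been cached.  Returns the translation of vpn 6 seen afterwards and
 * reports whether the TLB still agrees with memory. */
static uint32_t remap_region(int flush_after_update, int *consistent)
{
    pagetable_t pt;
    tlb_t tlb;
    memset(&pt, 0xFF, sizeof pt);   /* every entry INVALID */
    tlb_flush_all(&tlb);

    pt.l1[1]    = 0;                /* L1 slot 1 -> L2 table 0 */
    pt.l2[0][1] = 0x40;             /* vpn 5 -> ppn 0x40 */
    pt.l2[0][2] = 0x41;             /* vpn 6 -> ppn 0x41 */
    translate(&tlb, &pt, 5);        /* caches the partial walk for slot 1 */

    pt.l1[1]    = 2;                /* slot 1 now points at L2 table 2 */
    pt.l2[2][2] = 0x80;             /* vpn 6 -> ppn 0x80 in the new table */
    if (flush_after_update) tlb_flush_all(&tlb);

    uint32_t ppn = translate(&tlb, &pt, 6); /* vpn 6 was never cached in full */
    *consistent = tlb_consistent(&tlb, &pt);
    return ppn;
}

int main(void)
{
    int c;
    uint32_t stale = remap_region(0, &c);
    printf("no flush: vpn 6 -> ppn 0x%x, consistent=%d\n", stale, c);
    uint32_t fresh = remap_region(1, &c);
    printf("flush:    vpn 6 -> ppn 0x%x, consistent=%d\n", fresh, c);
    return 0;
}
```

Without the flush, vpn 6 resolves through the stale partial walk to the old table and yields 0x41, although memory now maps it to 0x80; a kernel that only invalidated the full entry for vpn 5 would miss this. On real ARM hardware the maintenance sequence is also ordered, not just present: the page-table write must be made visible (DSB) before the TLB invalidation, and the invalidation itself followed by DSB and ISB before the new mapping may be relied upon.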

Keyphrases: isabelle/hol, memory management unit, operating systems, program verification, theorem proving, translation lookaside buffer

In: Thomas Eiter and David Sands (editors). LPAR-21. 21st International Conference on Logic for Programming, Artificial Intelligence and Reasoning, vol 46, pages 490-508.

BibTeX entry
@inproceedings{LPAR-21:Reasoning_about_Translation_Lookaside,
  author    = {Hira Syeda and Gerwin Klein},
  title     = {Reasoning about Translation Lookaside Buffers},
  booktitle = {LPAR-21. 21st International Conference on Logic for Programming, Artificial Intelligence and Reasoning},
  editor    = {Thomas Eiter and David Sands},
  series    = {EPiC Series in Computing},
  volume    = {46},
  publisher = {EasyChair},
  bibsource = {EasyChair, https://easychair.org},
  issn      = {2398-7340},
  url       = {/publications/paper/gNH},
  doi       = {10.29007/c2f1},
  pages     = {490-508},
  year      = {2017}}