Emerging non-volatile memory (NVM) is expected to become the main candidate for next-generation main memory, owing to its excellent properties such as DRAM-like performance, data persistence, high density and low static power consumption. However, the widespread use of NVM still faces the challenge of data security. Data confidentiality and integrity are the two major aspects of memory security, and in current secure NVM designs they are usually guaranteed by counter mode encryption (CME) and integrity tree verification. These security mechanisms introduce a large amount of security metadata, such as counters, Bonsai Merkle tree (BMT) nodes and SGX-style integrity tree (SIT) nodes. Implementing a secure NVM system is therefore not straightforward: because NVM is non-volatile, the security mechanisms must solve the problem of recovering the security metadata needed for correct decryption and verification after a system crash (i.e., the metadata crash consistency problem). Existing schemes do not fully consider the access characteristics of user data and security metadata, leading to high NVM write traffic and performance overheads, which are unfriendly to write-sensitive NVM. To address these issues, this paper designs efficient metadata crash consistency mechanisms for secure NVM, so as to further promote the development and application of NVM systems.

To address the significant access overhead caused by the counter crash consistency mechanism in CME-based NVM systems, a secure NVM encryption and recovery scheme based on persistent transactions (CCAE) is proposed. In a CME-based NVM system, the crash consistency mechanism for encryption counters is indispensable for correct data encryption and decryption. However, existing schemes overlook the correlation between data access and counter access in the NVM management mechanism, resulting in high NVM write traffic. CCAE combines the counter crash consistency mechanism with the existing NVM persistent transaction mechanism, achieving efficient data encryption and fast counter recovery. Exploiting the append-only characteristic of log writing in persistent transactions, CCAE proposes a shared log counter optimization for log encryption, reducing the number of log counters and their access overhead. Meanwhile, according to the different recovery requirements of user data in persistent transactions, CCAE designs a delayed counter persistency scheme for user data, reducing the persistency frequency and access overhead of data counters. Evaluation results show that, compared with the state-of-the-art design, CCAE reduces the NVM write traffic caused by counters by 67.2% and decreases the system execution time by 13.8%.

To decrease the high overhead of serial updates caused by the BMT crash consistency mechanism in BMT-protected NVM systems, a dynamic and recoverable BMT scheme (DR-TREE) for secure NVM is proposed. BMT is a common integrity verification method in secure NVM. However, existing schemes fail to efficiently guarantee the atomic BMT root update and instant system recovery required for BMT crash recovery, resulting in large write traffic and performance overhead. DR-TREE dynamically builds the BMT according to memory write requests, and merges repeated BMT updates based on the locality of memory write requests, thus reducing unnecessary update overhead of the BMT root. In addition, DR-TREE achieves fast crash recovery with extremely low write traffic by delaying the partial recovery process without compromising system security. Evaluation results show that, compared to the state-of-the-art design, DR-TREE reduces NVM write traffic by 77.4% and decreases the system execution time by 44.6%.

To reduce the high persistency overhead of SIT caused by the SIT crash consistency mechanism in SIT-protected NVM systems, a lazy persistency verification and fast recovery scheme for SIT (LPFR-SIT) is proposed. The parallel update feature of SIT can speed up the integrity verification of memory data. However, existing schemes ignore the dependencies between SIT nodes and strictly persist SIT nodes to ensure SIT recovery after system crashes, thereby generating unacceptable NVM write traffic and performance overhead. LPFR-SIT designs a restrained write-back metadata cache scheme to reduce the persistency overhead of SIT, changes the SIT update method to lazy update, and exploits the inter-layer dependency of SIT for crash recovery. Besides, LPFR-SIT proposes a lightweight address tracking mechanism and a mix-tree protection mechanism to achieve fast and secure SIT recovery with minimal NVM write traffic. Evaluation results show that, compared to the state-of-the-art design, LPFR-SIT reduces NVM write traffic by 47.6% and decreases the system execution time by 17.2%.
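The counter crash consistency problem that the abstract describes, as an added illustration that is not code from the thesis or from CCAE: a small simulation of counter mode encryption in which each 64-byte block is encrypted with a pad derived from (key, address, counter) and tagged with a MAC that binds the ciphertext to that counter. The encryption counter lives in a volatile write-back cache and is lost on a crash; if its persisted copy is stale, the block can no longer be decrypted, and the MAC is what turns silent garbage into a detected integrity failure. The second scenario persists the new counter in an append-only log before the data write, so a recovery pass can restore it. HMAC-SHA256 stands in for the memory controller's block cipher, and the log, `crash()` and `recover()` are simplifications for the example, not the paper's design.

```python
import hashlib
import hmac
import os

BLOCK = 64  # a 64-byte memory block, the cache-line granularity CME designs typically use


class IntegrityError(Exception):
    """Raised when a block's MAC does not match under the counter we hold."""


def _pad(key: bytes, addr: int, counter: int) -> bytes:
    """Counter-mode one-time pad: PRF(key, addr || counter), stretched to one block.
    HMAC-SHA256 stands in for the AES engine a real controller would use."""
    msg = addr.to_bytes(8, "big") + counter.to_bytes(8, "big")
    out = b""
    i = 0
    while len(out) < BLOCK:
        out += hmac.new(key, msg + bytes([i]), hashlib.sha256).digest()
        i += 1
    return out[:BLOCK]


def _mac(key: bytes, addr: int, counter: int, ct: bytes) -> bytes:
    """Per-block MAC binding the ciphertext to its address and counter."""
    msg = addr.to_bytes(8, "big") + counter.to_bytes(8, "big") + ct
    return hmac.new(key, msg, hashlib.sha256).digest()


class SecureNVM:
    """Toy CME-protected memory with a volatile counter cache (constructed model)."""

    def __init__(self, key: bytes, log_counters: bool):
        self.key = key
        self.log_counters = log_counters
        # Persistent state: survives a crash.
        self.nvm = {}            # addr -> (ciphertext, mac)
        self.counters = {}       # persisted counter copies
        self.log = []            # persisted write-ahead counter log (hypothetical)
        # Volatile state: lost on a crash.
        self.counter_cache = {}  # write-back cache of the freshest counters

    def _current_counter(self, addr: int) -> int:
        return self.counter_cache.get(addr, self.counters.get(addr, 0))

    def write(self, addr: int, plaintext: bytes) -> None:
        assert len(plaintext) == BLOCK
        ctr = self._current_counter(addr) + 1      # never reuse a pad
        if self.log_counters:
            self.log.append((addr, ctr))           # persisted before the data write
        pad = _pad(self.key, addr, ctr)
        ct = bytes(p ^ k for p, k in zip(plaintext, pad))
        self.nvm[addr] = (ct, _mac(self.key, addr, ctr, ct))
        self.counter_cache[addr] = ctr             # counter stays volatile

    def read(self, addr: int) -> bytes:
        ctr = self._current_counter(addr)
        ct, mac = self.nvm[addr]
        # A stale counter yields a different pad; without the MAC the block would
        # decrypt to garbage silently. With it, the mismatch is detected.
        if not hmac.compare_digest(mac, _mac(self.key, addr, ctr, ct)):
            raise IntegrityError(f"block {addr:#x}: counter {ctr} does not match stored data")
        pad = _pad(self.key, addr, ctr)
        return bytes(c ^ k for c, k in zip(ct, pad))

    def crash(self) -> None:
        """Power loss: the volatile counter cache is gone, persisted state remains."""
        self.counter_cache.clear()

    def recover(self) -> None:
        """Replay the counter log so persisted counters catch up with the data."""
        for addr, ctr in self.log:
            if ctr > self.counters.get(addr, 0):
                self.counters[addr] = ctr
        self.log.clear()


def demo_without_log() -> bool:
    """Data persisted, counter not: after the crash the block is unreadable."""
    mem = SecureNVM(os.urandom(32), log_counters=False)
    mem.write(0x1000, b"A" * BLOCK)
    mem.crash()
    try:
        mem.read(0x1000)
    except IntegrityError:
        return True   # the stale counter (0 instead of 1) is detected
    return False


def demo_with_log() -> bytes:
    """Counter logged before each data write: recovery restores it and the read succeeds."""
    mem = SecureNVM(os.urandom(32), log_counters=True)
    mem.write(0x1000, b"A" * BLOCK)
    mem.write(0x1000, b"B" * BLOCK)   # second write advances the counter to 2
    mem.crash()
    mem.recover()
    return mem.read(0x1000)            # b"B" * 64


if __name__ == "__main__":
    print("stale counter detected:", demo_without_log())
    print("recovered block:", demo_with_log()[:8])
```

The point the simulation makes is the one the abstract turns on: the ciphertext is useless without the exact counter it was produced under, so the counter must be made persistent in a way that is ordered with the data write, and every such persist is extra NVM write traffic. Logging every counter, as this toy does, is the simplest consistent ordering; the paper's contribution is reducing how often that persist has to happen.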