Execute on Clear (EoC): Enhancing Security for Unsafe Speculative Instructions by Precise Identification and Safe Execution

Cited by: 0
Authors
Meng, Xiaoni [1 ,2 ]
Yang, Qiusong [2 ]
Ci, Yiwei [2 ]
Zhao, Pei [2 ]
Zhao, Shan [2 ]
Li, Mingshu [2 ]
Affiliations
[1] Univ Chinese Acad Sci, Beijing, Peoples R China
[2] Chinese Acad Sci, Inst Software, Beijing, Peoples R China
Source
2023 IEEE 41ST INTERNATIONAL CONFERENCE ON COMPUTER DESIGN, ICCD | 2023
Keywords
Security; Speculative execution attacks; Hardware; Information flow;
DOI
10.1109/ICCD58817.2023.00094
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Subject classification code
0812 ;
Abstract
Speculative execution attacks exploit incorrect speculation to execute malicious instructions and leak data via microarchitectural covert channels. Existing mitigations focus on restricting transmission-related instructions related to covert channels. In this paper, we propose Execute on Clear (EoC), which offers an efficient defense strategy against covert channels in speculative execution attacks. EoC employs a two-stage identification method, which precisely identifies malicious transmission-related instructions by considering both the insecure data dependency and the status of microarchitecture components exploited by the attack. Moreover, with identification results, EoC guarantees the safe execution of transmission-related instructions, preventing unnecessary blocking. By reducing the misidentification and the blocked execution of such instructions, EoC avoids unnecessary maintenance operations and reduces performance overheads. We evaluate EoC on SPEC2006 and PARSEC3.0 workloads, revealing a performance overhead of merely 0.98% and 3.29% in the Spectre and Futuristic defense models, respectively. Notably, EoC exhibits lower performance overhead in comparison to existing methods.
Pages: 587-595
Number of pages: 9