Processor vendors constantly introduce new hardware features. Operating systems (OSes) generally enable these features by default, leaving their management to individual applications. This approach, however, can introduce performance overhead or new attack surfaces, a problem termed feature burden . Applications currently lack a fine-grained mechanism to select which hardware features to use. To address this limitation, we introduce the Bespoke Process (bes-proc), a novel operating system abstraction complemented by new hardware extensions for applications with strict performance and security demands. With bes-proc, an application specifies its desired hardware feature set via a processor mask , requiring no modification to the application’s binary. We demonstrate the efficacy of bes-proc by evaluating it on a RISC-V FPGA platform across representative use cases, such as serverless computing, large-memory workloads, and security-sensitive tasks. Our evaluation shows that bes-proc improves performance by a factor of 2.1x to 4.7x.
Yang et al. (Tue,) studied this question.