Space-Control: Process-Level Isolation for Sharing CXL-based Disaggregated Memory

摘要

Memory disaggregation via CXL enables multi-host resource sharing. However, existing CXL sharing mechanisms enforce coarse-grained, host-level permissions only, leaving isolation to the operating system. Today, virtual memory enables process-level isolation on a host and CXL enables host-level isolation. This creates a critical security gap: the absence of process-level memory isolation in shared disaggregated memory. We present Space-Control, an architectural abstraction that introduces a cross-host identity primitive to enforce confidentiality and integrity. We decouple authorization from the untrusted OS using a hardware-rooted validation engine (SPACE) to establish immutable process identity and a Permission Checker at the memory egress point for fine-grained permission validation. Our design supports 127 concurrent processes across 255 hosts with only 1.56% storage overhead. Cycle-level evaluation using gem5 + SST shows that Space-Control incurs a minimal 3.3% performance penalty with a modest 16 KiB cache, providing a practical and scalable foundation for secure, process-level memory disaggregation.