ShareMMU: Supporting Secure Address Translation Sharing among Untrusted Accelerators

Abstract

The growing demand for accelerated computing is driving widespread deployment of multi-accelerator systems in the cloud and at the edge. These systems are temporally shared across processes that may not mutually trust one another and often include large pools of third-party, untrusted accelerators operating within a shared virtual address space. Due to the limited capability of the Input-Output Memory Management Unit (IOMMU) in supporting address translation, SoC designers are integrating large Shared Translation Lookaside Buffers (TLBs) that serve many accelerators and processes. While effective for performance, shared TLBs introduce new security risks that require urgent and careful consideration. This paper presents ShareMMU, an IOMMU design that securely enables reuse of pre-translated addresses across multiple untrusted accelerators while also mitigating side-channels in the shared TLB. Compared to state-of-the-art mechanisms like Border Control and CryptoMMU, which incur 32% and 17% performance overhead, respectively, ShareMMU incurs a negligible 1.66% performance overhead relative to an unsecured baseline. Our side-channel resilient variant, ShareMMU-SP, incurs roughly 2.82% overhead.

Publication
In the 59th IEEE/ACM International Symposium on Microarchitecture (MICRO 2026)

Related