Spectre-Variant1_Internals.pdf

Spectre Variant-1 Internals @mmxsrup

Spectre Attacks (variant-1) Spectre gadget 2 uint8_t array1[array1_size]; uint8_t array2[];
// prob if (x < array1_size) y = array2[array1[x] * 4096]; ; r1 = x cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: C Asm

Spectre Attacks (variant-1) Execute repeatedly with correct value (r1<arr1_size) 3
Instruction Cache ... load r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size slow op Commit # r1 = 0 (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + 0 array2 + r2

Spectre Attacks (variant-1) False learning of branch predictor 4 Instruction
Cache ... load r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size slow op Commit # r1 = 0 (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + 0 array2 + r2 Don't jump with jde

Spectre Attacks (variant-1) Clean the cache state 5 Instruction Cache
... load r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size slow op Commit # r1 = 0 (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr clflush

Spectre Attacks (variant-1) Execute with invalid value (r1>= array1_size) 6
Instruction Cache Commit # r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load Schedule Cache Done Pred Corr The target value address is [array1 + r1]

Spectre Attacks (variant-1) Wrong speculative execution start 7 Instruction Cache
... load r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size slow op Commit # r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr Don't jump with jde

Spectre Attacks (variant-1) Out-of-Order Execution 8 Instruction Cache ... load
r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size slow op Commit # r1 = 0 (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr

r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size slow op Commit # r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’

r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size slow op Commit # r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’ array2 + r2

Spectre Attacks (variant-1) Execution of the ﬁrst instruction of ROB
is completed 12 Instruction Cache ... load r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size slow op Commit # r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’ array2 + r2

Spectre Attacks (variant-1) Instructions are committed in order 13 Instruction
Cache ... load r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END cmp_r1, array1_size Commit # r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’ array2 + r2

Spectre Attacks (variant-1) Instructions are committed in order 14 Instruction
Cache ... load r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END Commit # r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’ array2 + r2

Spectre Attacks (variant-1) Detect speculative execution mistakes 15 Instruction Cache
... load r3, [array2 + r2] shl r2, 12 load r2, [array1 + r1] jge END Commit # r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr “ (Prediction && !Correct) == 1 “ is speculative execution mistake array1 + x’ array2 + r2

Spectre Attacks (variant-1) Pipeline ﬂush 16 Instruction Cache Commit #
r1 = x’ (user_input) slow op cmp r1, array1_size jge END load r2, [array1 + r1] shl r2, 12 load r3, [array2 + r2] END: Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr Pipeline flush and restart array1 + x’ array2 + r2

Spectre Attacks (variant-1) Read value ( [array1 + r1] (=r2)
) with Flush+Reload 17 Instruction Cache Commit Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr Access r2 in order (array2 + 0, 1, 2,…, 0xff) and restore the value of r2 array1 + x’ array2 + r2

) with Flush+Reload 18 Instruction Cache Commit Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’ array2 + r2 array2 + 0 Access to [array2 + 0] is slow

) with Flush+Reload 19 Instruction Cache Commit Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’ array2 + r2 array2 + 1 array2 + 0 Access to [array2 + 1] is slow

) with Flush+Reload 20 Instruction Cache Commit Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’ array2 + 2 array2 + 1 array2 + 0 Access to [array2 + 2] is fast • r2 = 0x2 • [array1+x’] = 0x2

) with Flush+Reload 21 Instruction Cache Commit Reorder Buffer Decode Rename Branch Predictoin ALU Load shl r2, 12 cmp r1, array1_size slow operation load r3, [array2 + r2] load r2, [array1 + r1] Schedule Cache Done Pred Corr array1 + x’ array2 + 2 array2 + 1 array2 + 0 Access to [array2 + 2] is fast • r2 = 0x2 • [array1+x’] = 0x2 I was able to read a logically unreadable value ( array1[x’] (x’ >= array1_size) ). In other words, the secret key stored in array1[x’] can be read.

Spectre-Variant1_Internals.pdf

Spectre-Variant1_Internals.pdf

srup

More Decks by srup

Featured

Transcript

Spectre Variant-1 Internals @mmxsrup

Spectre Attacks (variant-1) Spectre gadget 2 uint8_t array1[array1_size]; uint8_t array2[];

Spectre Attacks (variant-1) Execute repeatedly with correct value (r1<arr1_size) 3

Spectre Attacks (variant-1) False learning of branch predictor 4 Instruction

Spectre Attacks (variant-1) Clean the cache state 5 Instruction Cache

Spectre Attacks (variant-1) Execute with invalid value (r1>= array1_size) 6

Spectre Attacks (variant-1) Wrong speculative execution start 7 Instruction Cache

Spectre Attacks (variant-1) Out-of-Order Execution 8 Instruction Cache ... load

Spectre Attacks (variant-1) Out-of-Order Execution 9 Instruction Cache ... load

Spectre Attacks (variant-1) Out-of-Order Execution 10 Instruction Cache ... load

Spectre Attacks (variant-1) Out-of-Order Execution 11 Instruction Cache ... load

Spectre Attacks (variant-1) Execution of the ﬁrst instruction of ROB

Spectre Attacks (variant-1) Instructions are committed in order 13 Instruction

Spectre Attacks (variant-1) Instructions are committed in order 14 Instruction

Spectre Attacks (variant-1) Detect speculative execution mistakes 15 Instruction Cache

Spectre Attacks (variant-1) Pipeline ﬂush 16 Instruction Cache Commit #

Spectre Attacks (variant-1) Read value ( [array1 + r1] (=r2)

Spectre Attacks (variant-1) Read value ( [array1 + r1] (=r2)

Spectre Attacks (variant-1) Read value ( [array1 + r1] (=r2)

Spectre Attacks (variant-1) Read value ( [array1 + r1] (=r2)

Spectre Attacks (variant-1) Read value ( [array1 + r1] (=r2)