LVI: Hijacking Transient Execution with Load Value Injection
Daniel Gruss, Daniel Moghimi, Jo Van Bulck
Hardwear.io Virtual Con, April 30, 2020

[Image slide; surviving text: National Geographic]

Processor security: Hardware isolation mechanisms
[Diagram labels: App, App, App, Enclave, VM, OS, VM, OS, Hypervisor (VMM)]

[Diagram: CPU, cache and DRAM]
printf("%d", i);   Cache miss: a request goes out and the response returns i. DRAM access, slow.
printf("%d", i);   Cache hit: no DRAM access, much faster.

Flush+Reload
[Diagram: ATTACKER and VICTIM on shared memory; steps labelled flush, access, access; the shared memory is marked cached after an access]
The attacker's access is fast if the victim accessed the data, slow otherwise.

Memory Access Latency
[Figure: Number of Accesses against Latency [Cycles]; series: Cache Hits, Cache Misses]

We can communicate across protection walls using microarchitectural side-channels!

Leaky processors: Jumping over protection walls with side-channels
[Diagram labels: App, App, App, Enclave, VM, OS, VM, OS, Hypervisor (VMM)]

Side-channel attacks have been known for decades already – what’s new?
[Figure: chart over the years 1990 to 2018; comic text: "DO WE JUST SUCK AT... COMPUTERS?" "YUP. ESPECIALLY SHARED ONES."]
Pipeline Bubble
Stages: F = Fetch, D = Decode, X = Execute, C = Commit (final animation step shown)

    movb $20, %al      F D X C
    add %rax, %rcx       F D X C
    sub %rdx, %rsi         F D X C
    jne target               F D X
    add %rax, %rax                 F
    target:

Branch Prediction and Side Channel

    cmp %rax, %rbx
    0x100123:  jne <target>
    0xff00123: jne <target2>

[Diagram labels: PHT, BTB]

RSA
$M = C^d \bmod n$
Exponent bits: 1 1 0 0 1 1 0 ...

    bit   operation
    1     Result = C
    1     Result = Result × Result × C   (square, multiply)
    0     Result = Result × Result       (square)
    0     Result = Result × Result       (square)
    1     Result = Result × Result × C   (square, multiply)
    1     Result = Result × Result × C   (square, multiply)
    0     Result = Result × Result       (square)
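The leak in the RSA slide above, as an added example that is not part of the original deck: the square-and-multiply loop logs its operation sequence, which spells out the exponent bits, next to a Montgomery ladder whose sequence is the same for every exponent. The function names, the toy modulus and the `trace` buffer are assumptions made for this illustration; it assumes n < 2^32 and d >= 1.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumes n < 2^32 so the product fits in 64 bits; toy sizes only. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t n) { return (a * b) % n; }

/* Left-to-right square-and-multiply as on the slide (d >= 1). The trace
 * ('S' square, 'M' multiply) is what a side-channel observer reconstructs. */
uint64_t modexp_leaky(uint64_t c, uint32_t d, uint64_t n, char *trace) {
    int top = 31;
    size_t t = 0;
    while (top > 0 && !((d >> top) & 1)) top--;   /* leading 1 bit */
    uint64_t r = c % n;                           /* Result = C */
    for (int i = top - 1; i >= 0; i--) {
        r = mulmod(r, r, n); trace[t++] = 'S';
        if ((d >> i) & 1) {                       /* branch on a secret bit */
            r = mulmod(r, c, n); trace[t++] = 'M';
        }
    }
    trace[t] = '\0';
    return r;
}

/* Montgomery ladder: one multiply and one square per bit, operands chosen
 * by a masked swap instead of a branch, so the trace is identical for all d. */
uint64_t modexp_ladder(uint64_t c, uint32_t d, uint64_t n, char *trace) {
    uint64_t r0 = 1 % n, r1 = c % n;
    size_t t = 0;
    for (int i = 31; i >= 0; i--) {
        uint64_t mask = 0 - (uint64_t)((d >> i) & 1);   /* all-ones if bit set */
        uint64_t x = (r0 ^ r1) & mask;
        r0 ^= x; r1 ^= x;                               /* swap iff bit == 1 */
        r1 = mulmod(r0, r1, n); trace[t++] = 'M';
        r0 = mulmod(r0, r0, n); trace[t++] = 'S';
        x = (r0 ^ r1) & mask;
        r0 ^= x; r1 ^= x;                               /* swap back */
    }
    trace[t] = '\0';
    return r0;
}

int main(void) {
    char a[80], b[80];
    uint64_t m1 = modexp_leaky(7, 0x66, 1000003, a);    /* d = 1100110b, the slide's bits */
    uint64_t m2 = modexp_ladder(7, 0x66, 1000003, b);
    printf("%llu %s\n%llu %s\n", (unsigned long long)m1, a, (unsigned long long)m2, b);
    return strcmp(a, "SMSSSMSMS") != 0;
}
```

The ladder only makes the operation sequence uniform; the `%` reduction used here is not constant-time, so this is not a hardened bignum routine.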
Spectre-PHT (v1)

    index = 0;
    char* data = "textKEY";
    if (index < 4)
        then: LUT[data[index] * 4096]
        else: 0

[Animation: for each value of index the slide shows the Prediction, then Speculate, then Execute, and marks the LUT entry that gets indexed]

    index   LUT entry indexed
    0       't'
    1       'e'
    2       'x'
    3       't'
    4       'K'   (index < 4 is false here)
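The bounds-check gadget from the Spectre-PHT slide beside a hardened form, as an added example that is not part of the original deck. It models which LUT page the "then" body touches when it runs for a given index, including transiently after a misprediction, and shows that a branchless index mask confines that to the public bytes. All function names and `PUBLIC_LEN` are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PUBLIC_LEN 4UL                    /* the slide's bound: index < 4 */
static const char data[] = "textKEY";     /* "text" is public, "KEY" is secret */
static uint8_t LUT[256 * 4096];           /* one page per possible byte value */

/* All-ones when index < size, zero otherwise, computed without a branch.
 * Relies on arithmetic right shift of a negative long (true for gcc/clang). */
unsigned long index_mask(unsigned long index, unsigned long size) {
    return (unsigned long)(~(long)(index | (size - 1UL - index))
                           >> (sizeof(long) * 8 - 1));
}

/* LUT offset touched by the 'then' body for a given index, whether it runs
 * architecturally or only transiently after a mispredicted bounds check. */
unsigned long then_offset(unsigned long index) {
    return (unsigned long)(uint8_t)data[index] * 4096;
}

/* Same body with the index clamped by a data dependency: an out-of-bounds
 * index becomes 0 even while the branch outcome is still unresolved. */
unsigned long then_offset_masked(unsigned long index) {
    index &= index_mask(index, PUBLIC_LEN);
    return (unsigned long)(uint8_t)data[index] * 4096;
}

uint8_t lookup_vulnerable(unsigned long index) {   /* gadget as on the slide */
    return index < PUBLIC_LEN ? LUT[then_offset(index)] : 0;
}

uint8_t lookup_hardened(unsigned long index) {
    return index < PUBLIC_LEN ? LUT[then_offset_masked(index)] : 0;
}

int main(void) {
    for (unsigned long i = 0; i <= 4; i++)
        printf("index=%lu  then-body page: plain '%c'  masked '%c'\n", i,
               (int)(then_offset(i) / 4096), (int)(then_offset_masked(i) / 4096));
    return lookup_vulnerable(0) | lookup_hardened(0);
}
```

An optimising compiler can prove the mask is all-ones inside the bounds check and delete it, so real implementations hide the index from the optimiser, for example with an inline-assembly barrier.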