The last argument is precisely what aroused particular interest in this seemingly theoretical scientific work. In all cases, researchers exploited the branch prediction system. This mechanism was introduced more than 20 years ago; it speeds up performance by executing a set of instructions before the program explicitly requests their execution. If the prediction is correct, processor resources are used more efficiently. If the prediction is wrong, the calculations are simply discarded.

The PoC for Spectre v1 showed that the processor will read data that should be inaccessible to the program. That data is stored in the cache and can be retrieved from there through side channels. This mechanism was considered safe, because the erroneously read “secret” was not transmitted to the program. But researchers have found ways to read that data indirectly.

After the publication of the work on Spectre and Meltdown, several more similar vulnerabilities were discovered. Researchers continue to look for new methods of extracting secret data by exploiting processor vulnerabilities. Intel’s summary table lists more than 20 of these issues, in addition to the original three.

Theoretically, there are three ways to make a processor vulnerability less exploitable: vendors can issue a microcode update for existing processors, they can modify new CPUs, or they can try to solve the problem through software updates. Often, true mitigation requires a combination of firmware and software updates. New microcode covering some of the vulnerabilities has been available for Intel processors since the 2013 Haswell generation. Hardware solutions were first implemented in the eighth generation of Intel processors, as well as in AMD’s Zen 2 CPUs. Software solutions can be quite tricky: as an example, you can look at the possible modifications in the Linux kernel against Spectre v1 and v2.
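As an added example (not part of the original article), the script below reads the per-issue status files that Linux kernels publish under `/sys/devices/system/cpu/vulnerabilities` and flags entries where the mitigation is incomplete or is waiting on microcode. The function names and the sample status lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: summarise the kernel's per-issue mitigation report.
VULN_DIR=/sys/devices/system/cpu/vulnerabilities  # Linux sysfs location

# Map one status line to a coarse verdict.
classify_status() {
  local lower
  lower=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  case "$lower" in
    "not affected"*)         echo not_affected ;;
    vulnerable*)             echo vulnerable ;;
    mitigation:*vulnerable*) echo partial ;;  # e.g. "...; SMT vulnerable"
    mitigation:*)            echo mitigated ;;
    *)                       echo unknown ;;
  esac
}

# Print "issue<TAB>verdict<TAB>note" per file. Returns 1 if anything is
# not fully mitigated, 2 if the directory does not exist.
report_mitigations() {
  local dir="${1:-$VULN_DIR}" f status verdict note rc=0
  [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
  for f in "$dir"/*; do
    [ -f "$f" ] || continue
    status=$(head -n 1 "$f")
    verdict=$(classify_status "$status")
    note=""
    case "$(printf '%s' "$status" | tr '[:upper:]' '[:lower:]')" in
      *"no microcode"*) note="firmware/microcode update needed" ;;
    esac
    printf '%s\t%s\t%s\n' "$(basename "$f")" "$verdict" "$note"
    case "$verdict" in vulnerable|partial|unknown) rc=1 ;; esac
  done
  return "$rc"
}

# Constructed sample directory (made-up host state) so this runs off-Linux.
make_sample_dir() {
  local d
  d=$(mktemp -d)
  echo 'Mitigation: usercopy/swapgs barriers and __user pointer sanitization' > "$d/spectre_v1"
  echo 'Mitigation: Retpolines; IBPB: conditional; IBRS_FW; STIBP: disabled; RSB filling' > "$d/spectre_v2"
  echo 'Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable' > "$d/mds"
  echo 'Not affected' > "$d/meltdown"
  echo "$d"
}

sample=$(make_sample_dir)
report_mitigations "$sample" || echo "at least one issue is not fully mitigated"
```

On a Linux host, calling `report_mitigations` with no argument reads the live sysfs files instead of the sample directory.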