jeanclaude
/
BachelorThesis
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

NEW: related work and various cleanup

This commit is contained in:
Jean-Claude 2022-07-26 16:19:18 +02:00
parent dcac8fa44a
commit a4c5d671a3
Signed by: jeanclaude
GPG Key ID: 8A300F57CBB9F63E
11 changed files with 122 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
acronyms.tex
View File

@ -80,6 +80,10 @@
short = RSB,
long = \techterm{Return Stack Buffer}
}
\DeclareAcronym{sls}{
short = SLS,
long = \techterm{Straight Line Speculation}
}
\DeclareAcronym{smap}{
short = SMAP,
long = \techterm{Supervisor Mode Access Prevention}

2
chapters/00-abstract.tex
View File

@ -17,7 +17,7 @@ As a preliminary step, we evaluate speculative \ac{bti} and show that for variou
Using these insights, we have developed a \ac{pf}-free training primitive for \retbleed.
Since in-depth mitigations are necessary to secure the CPU, we have benchmarked the patches to evaluate the induced overhead.
While the overhead depends on the microarchitectures, the overall gist is that induced overheads are pretty substantial.
While the overhead depends on the microarchitectures, the overall gist is that induced overheads are substantial.
\vfil
\clearpage

2
chapters/10-introduction.tex
View File

@ -16,7 +16,7 @@ In an early version of the \retbleed{} paper, a \ac{pf}-based mitigation was pro
While it has the advantage that the induced overhead is practically zero, kernel developers apprehended that the mitigation is incomplete, and therefore, a more in-depth solution is required.
To justify the more elaborate patches, it is required to know if the \ac{pf}-based mitigation is indeed incomplete and to have some knowledge about the performance penalty of the mitigation.
\section{Challenges\todo{call research question}}
\section{Challenges\ask{I would rather call this section "Research Question"}}
\label{sec:challenges}
% Describe the challenges.
\retbleed{} is mitigated by AMD, Intel, and kernel developers via a rather involved set of kernel patches.

10
chapters/20-background.tex
View File

@ -165,7 +165,7 @@ When the CPU notices a branching instruction, which it does after decoding it, i
The \ac{bpu} consists of multiple predictors, and the one to use for a particular instruction is chosen based on the type of the instruction.
In the following, we will look at the two predictors relevant for this thesis.
Due to the proprietary nature of CPUs, only very little is officially communicated about the \ac{bpu}'s internals, and researchers have to rely on reverse-engineering efforts.
Due to the proprietary nature of CPUs, only very little is officially communicated about the \ac{bpu}'s internals, and researchers have to rely on reverse-engineering efforts.\cite{projectZero}
\subsubsection{Direct/Indirect Branch Prediction}
\label{subsubsec:dirIndirBranchPrediction}
@ -200,7 +200,7 @@ On AMD, it is a bit more complicated.
Two addresses collide if the address bits are permutated according to a specific schema.
While the collision works for Intel across privilege domains, for AMD, it depends on the microarchitecture.
For Zen 1, it always works.
For Zen 2, only if \ac{smap} and \ac{smep} are disabled or some specific condition is fulfilled \todo{what?}.
For Zen 2, only if \ac{smap} and \ac{smep} are disabled or some specific condition is fulfilled \todo{what is this condition?}.
Lastly, for Zen 3 it does not work across privilege domains.\cite{retbleed}
\subsubsection{Function Return Prediction}
@ -242,7 +242,7 @@ Mitigating a \techterm{spectre attack} can go one of three routes:
\item \techterm{Prevention of speculation}: $\Rightarrow$ \techterm{Disclosure gadget} cannot be executed speculatively.
\item \techterm{Prevention of convert channel}: $\Rightarrow$ Stop leakage of micro-architectural traces.
\begin{itemize}
\item This is not feasible for the Linux Kernel.\todo{add cite}
\item This is not feasible for the Linux Kernel\cite{retbleed}.
\end{itemize}
\end{itemize}
@ -315,7 +315,7 @@ In \autoref{lst:roguePrimitive}, we have used this method to cause a speculation
\subsubsection{Retbleed}
\label{subsubsec:retbleed}
\retbleed{} is a \techterm{transient execution attack}, sharing many similarities with Spectre V2.
\retbleed\cite{retbleed} is a \techterm{transient execution attack}, sharing many similarities with Spectre V2.
It also hijacks branches by poisoning \ac{btb}, but in contrast to Spectre V2, it targets return instructions.
While Spectre\acs{rsb}\cite{spectreRsb} and Ret2Spec\cite{ret2spec} both are return-based spectre attacks, they target the \ac{rsb}, while \retbleed{} targets the \ac{btb}.
@ -328,7 +328,7 @@ We will discuss what both of them mean before wrapping up with the end-to-end \r
\paragraph{Exploitable Return Instructions.}
\label{para:exploitRetInstr}
Using their reverse-engineering, they showed that in some instances, the \acs{rsb}-based return instruction predictor falls back to using the \ac{btb}.
For Intel CPUs \todo{which ones?} this happens for \ac{rsb} underflows.
For Intel CPUs, like Haskwell and Coffee Lake, this happens for \ac{rsb} underflows.
AMD falls back to using the \ac{btb} without the \ac{rsb} underflowing.
Instead, they observe this behavior whenever the return instruction's address collides with the address of a previously encountered indirect branch.
This means that under these conditions, return instructions behave as indirect branches.

4
chapters/34-specRetBti.tex
View File

@ -35,7 +35,7 @@ Therefore, the primitive of Intel is adapted as follows.
The return cycles are removed, and for the training phase, we replace the return instruction with an indirect jump from \verb+BR1+ to \verb+TRAIN+.
These changes are already sufficient to poison the \ac{btb} and hijack any return instruction located at \verb+BR2+, which collides with \verb+BR1+.
\todo{Add schematic for AMD?}
\ask{Also add control flow schematics for AMD?}
\paragraph{Spec \retbti.}
For the speculative version, we want that the return from \verb+BR1+ to \verb+TRAIN+ is not executed architecturally but only speculatively.
@ -102,6 +102,6 @@ Adapting \retbti{} PoC for AMD is more straightforward than for Intel, as the br
While the speculation phase of Spec \retbti{} remains unchanged, we add a rogue function to the training phase.
The function differs from the one for Intel in that it does not conditionally overwrite the \verb+rsb+, but speculation is cased every time.
\todo{Add schematic for AMD?}
\ask{Also add control flow schematics for AMD?}
We comment on the results of this PoC later in \autoref{sec:evaluation} and \ref{sec:discussion}.

27
chapters/70-relatedWork.tex
View File

@ -1,10 +1,31 @@
% !TEX root = ../thesis.tex
\chapter{Related Work}
\label{sec:related_work}
\label{cha:relatedWork}
%It is important to critically compare your work to related work in the area.
%It is often a good idea to categorize previous work in different topics that relate to your work.
%If we refer to another paper, book, website, \dots we add a citation~\cite{Lamport:LaTeX}.
This thesis build on top of results and findings of various papers.
Most notably \retbleed\cite{retbleed}.
This thesis builds on top of the results and findings of various papers.
They are all cited in the appropriate places.
Most notably, it was influenced by the work of \retbleed\cite{retbleed} as it laid the foundation for this thesis and inspired us to evaluate speculative \ac{bti} in the first place.
We want to use this section to allude to a few papers we have not had the chance to introduce yet and which we find interesting or relevant.
During the research on \retbleed{}, Johannes Wikner et al. discovered a new class of speculative executing attacks, which they refer to as \textsc{Phantom} JMPs\cite{retbleedAddendum}.
\textsc{Phantom} JMPs are speculative branches triggered by a non-branching instruction, like, for example, an arithmetic instruction.
They are exploited due to a prediction mechanism that predicts before the instruction is decoded if it is a branching instruction.
By tricking that mechanism into believing that at a specific location, there is a branch, a speculative branch can be triggered.
They showed that AMD Zen 1, Zen 1+ and Zen 2 are affected.
\textsc{Phantom} JMPs were mitigated with the same patches that mitigate \retbleed.\cite{retbleedAmdMitigation,retbleedAddendum}
Another interesting spectre attack, targeting solely Arm CPUs, is \ac{sls}\cite{straightLineSpeculation}.
\ac{sls} differs from \retbleed{} and most spectre vulnerabilities we have looked at in the way that it does not rely on misprediction of the branch prediction unit but exploits a strange behavior of the \ac{bpu} itself.
When encountering an unconditional branching instruction, the \ac{bpu} predicts that the control flow continues as there was no branching instruction.
This also applies to return instructions.
When an attacker can control the executed code, it can place gadget code after such an instruction.
If successfully, the gadget gets executed speculatively.
While hard to exploit, it has been mitigated.
First compilers like GCC\cite{straightLineSpeculationMitigationGcc} and LLVM\cite{straightLineSpeculationMitigationLlvm} were patched, and later on also in the Linux kernel\cite{straightLineSpeculationMitigationKernel}.
The idea of the mitigation is simple.
A speculation barrier, for example, the debug instruction \verb+int3+, is added after affected branching instruction.

1
chapters/80-conclusion.tex
View File

@ -17,3 +17,4 @@ Therefore, we regard it as inevitable to further reason about the possible conse
By benchmarking the mitigation, we were able to show that common microarchitectures suffer from \SIrange{13}{37}{\percent} performance penalty when ultimately mitigating \retbleed.
As this is substantial overhead, we support the development of alternative mitigations like the ones from Thomas Gleixner et al.\cite{retbleedNewMitigation}.
Alternatively, one might consider a different mitigation techniques like preventing convert channels altogether\cite{preventConvertChannel}.

7
preamble.tex
View File

@ -34,6 +34,13 @@
\fi
}
\newcommand{\ask}[1]{
\textcolor{orange}{ASK: #1}
\ifdefined\PRINTTODO
\PackageWarning{TODO:}{#1!}
\fi
}
\usepackage[per-mode=symbol,range-phrase = \text{--}]{siunitx}
\DeclareSIUnit{\pp}{\textup{percentage point}} % percentage points

78
refs.bib
View File

@ -95,6 +95,7 @@
year = "2018",
}
%% Spectre V1 Mitiagation GCC
@Misc{spectreV1Mitigation,
author = "H. J. Lu",
title = "x86: {CVE-2017-5715}, aka Spectre",
@ -105,6 +106,60 @@
note = "[Online; accessed 24-July-2022]",
}
%% Straight Line Speculation Whitepaper
@InProceedings{straightLineSpeculation,
title = "Straight-Line Speculation Whitepaper",
author = "{ARM}",
URL = "\url{https://developer.arm.com/documentation/102825/0100/?lang=en}",
year = "2020",
month = jun,
}
%% Stright Line Speculation Mitigation Kernel
@Misc{straightLineSpeculationMitigationKernel,
author = "Peter Zijlstra",
title = "{[PATCH} v2 0/6] x86: Add stright-line-speculation
mitigations",
year = "2021",
month = dec,
day = "4",
howpublished = "\url{https://lwn.net/ml/linux-kernel/20211204134338.760603010@infradead.org/}",
note = "[Online; accessed 26-July-2022]",
}
%% Stright Line Speculation Mitigation GCC
@Misc{straightLineSpeculationMitigationGcc,
author = "Matthew Malcomson",
title = "Straight Line Speculation {(SLS)} mitigation.",
year = "2020",
month = jun,
day = "8",
howpublished = "\url{https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html}",
note = "[Online; accessed 26-July-2022]",
}
%% Stright Line Speculation Mitigation LLVM
@Misc{straightLineSpeculationMitigationLlvm,
author = "Kristof Beyls",
title = "[llvm-dev] Mitigating straight-line speculation
vulnerability {CVE-2020-13844}",
year = "2020",
month = jun,
day = "8",
howpublished = "\url{https://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html}",
note = "[Online; accessed 26-July-2022]",
}
@Misc{projectZero,
author = "{Project Zero Team}",
title = "Reading privileged memory with a side-channel",
year = "2018",
month = jan,
day = "3",
howpublished = "\url{https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html}",
note = "[Online; accessed 26-July-2022]",
}
%%%
% Retbleed
%%%
@ -131,6 +186,15 @@
commit = "23d87ad7094292653f71192566a95cf45d4fbcc9",
}
%% Addendum
@InProceedings{retbleedAddendum,
author = "Johannes Wikner and Daniël Trujillo and Kaveh
Razavi",
title = "Addendum to {Retbleed}: Arbitrary Speculative Code
Execution with Return Instructions",
year = "2022",
}
%% Mitigation Merge Message
@Misc{retbleedMitigation,
author = "Linus Torvalds",
@ -176,9 +240,10 @@
%% Intel Mitigation
@Misc{retbleedIntelMitigation,
author = "Intel",
title = "Return Stack Buffer Underflow / CVE-2022-29901, CVE-2022-28693",
title = "Return Stack Buffer Underflow / {CVE-2022-29901},
{CVE-2022-28693}",
year = "2022",
month = "July",
month = jul,
day = "5",
publisher = "Intel",
howpublished = "\url{
@ -266,6 +331,15 @@
year = "2022",
}
@InProceedings{preventConvertChannel,
title = "Prevention of microarchitectural covert channels on an
open-source 64-bit {RISC-V} core",
author = "Nils Wistoff and Moritz Schneider and Frank K
G{\"u}rkaynak and Luca Benini and Gernot Heiser",
journal = "arXiv preprint arXiv:2005.02193",
year = "2020",
}
%%%
% Sites
%%%

4
thesis.tex
View File

@ -6,8 +6,6 @@
\begin{document}
\todo{Add correct data to variables}
\input{./title.tex}
\thispagestyle{empty}
@ -45,8 +43,6 @@
\clearpage
\todo{Make sure title is correct: List of XXX}
\todo{Are included in Toc? as section or chapter?}
\addcontentsline{toc}{chapter}{List of Figures}
\listoffigures
\addcontentsline{toc}{chapter}{List of Tables}

2
variables.tex
View File

@ -4,7 +4,7 @@
\newcommand*{\tutorName}{Johannes Wikner}
\newcommand*{\thesisTitle}{An Evaluation of Speculative Retbleed}
\newcommand*{\thesisType}{Bachelor Thesis}
\newcommand*{\authorEmail}{dummy@superdummy.com}
\newcommand*{\authorEmail}{jegraf@student.ethz.ch}
\newcommand*{\authorLegi}{XX-XxX-xXx}
\newcommand*{\authorSemester}{6}
\newcommand*{\dateDuration}{February 2022 to August 2022}