AMD CPUs have yet another flaw, it’s been revealed. Researchers say they’ve shown “Take A Way” techniques to steal private AES keys, leak kernel memory, set up covert cloud channels and other dirty, dark deeds.
AMD appears to have its head in the sand: It’s just telling people there’s nothing to see here. But the team that discovered the flaw says the chip maker’s response is hokum.
These aren’t just any old researchers. They’re some of the same academics behind Meltdown, Spectre, ZombieLoad, etc.
“Use safe computer practices,” is AMD’s ostrich-like advice. In today’s SB Blogwatch, we try not to panic (again).
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: DIY ASMR.
What’s the craic? Paul Alcorn reports—“New AMD Side Channel Attacks Discovered”:
A new paper … details two new “Take A Way” attacks … that can leak secret data from AMD processors by manipulating the L1D cache predictor. The researchers claim [it] impacts all AMD processors from 2011 to 2019.
The university says it disclosed the vulnerabilities to AMD on August 23, 2019 … but there isn’t any word of a fix yet. … AMD responded to [my] queries with an advisory [that] is a bit nebulous [and] does not point to any mitigations for the attack in question. [AMD] says there are no new mitigations required [but] the researchers do not agree.
And Catalin Cimpanu adds—“Academics disclose new Collide+Probe and Load+Reload attacks”:
The two new attacks impact the security of the data processed inside the CPU and allow the theft of sensitive information or the downgrade of security features. … The company has not released microcode … updates, claiming these “are not new speculation-based attacks,” a statement that the research team disagrees with.
The two new attacks were discovered after a team of six academics … reverse-engineered [the] hashing function that AMD processors are using to handle μTag entries inside the L1D cache way predictor mechanism. … Introduced in AMD processors in 2011 [it] reduces power consumption by improving the way the CPU handles cached data inside its memory.
But attacks on CPUs and their caches have been detailed for many years now. What makes them truly dangerous is if they can be exploited in the wild. … The Collide+Probe and Load+Reload bugs … can be exploited in real-world scenarios … without needing physical access.
Researchers said they broke kernel ASLR on a fully updated Linux system, but also ASLR for operating systems and apps running inside hypervisors. … They said … data exfiltration speed was clocked at 588.9 kB/s.
That’s pretty fast. Moritz Lipp et al paper over the cracks—“Exploring the Security Implications of AMD’s Cache Way Predictors”:
We reverse-engineered AMD’s L1D cache way predictor … resulting in two new attack techniques. … Collide+Probe allows monitoring memory accesses on the current logical core without the knowledge of physical addresses or shared memory.
With Load+Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core. While Load+Reload relies on shared memory, it does not invalidate the
cache line, allowing stealthier attacks that do not induce any last-level-cache evictions.
And Daniel Gruss—@lavados washes up the details: [You’re fired—Ed.]
I’m one of the authors. … This statement from AMD denies something that we never claimed.
Predictors are dangerous if an adversary can observe speculative operations. Way predictors look less dangerous than branch predictors for now. But also, branch predictors looked much less dangerous before Spectre was discovered.
Meltdown was a much stronger attack and have you heard of anyone getting attacked with that? I haven’t.
Meltdown and Spectre use side channels as a communication channel. There are many different side channels. Meltdown and spectre can use any side channel basically. This is a new side channel. It’s not a variant of Meltdown or Spectre.
Take A Way is a side channel, this is not a weaker form of a transient execution attack, it’s simply something orthogonal.
Intel has been funding part of my research group over the past 2 years. During that time we published 14+ papers with a co-author funded this way. Of these 10 find flaws on Intel CPUs. … I’m happy that my funding sources do not restrict my academic freedom and independence.
So should we be worried? spth analyzes three of the researchers’ case studies:
“Covert Channel” … allows entities to communicate that shouldn’t (e.g., communication between two virtual machines on the same host). … Might be a building block in other attacks.
Breaking address space layout randomization … doesn’t look dangerous by itself, but defeats an important countermeasure to … attacks, so useful as a building block.
“Attacking AES T-Tables” … looks like a big deal to me. … They were able to recover 99.7% of the bits of an AES key from OpenSSL … which means for all practical purposes, they got the key. And I guess the attack will be used in a similar way in the future to attack further cryptography.
OK now I’m worried. Don’t be, says atq2119:
I kind of have to agree with AMD’s assessment. … The attacks outlined in the paper all take the form of setting up an L1 cache structure in some way to induce collisions with other threads (or with the kernel running in the same thread), and then measure when collisions occurred in order to deduce bits of the memory addresses accessed by the other thread (or the kernel).
This type of attack has been known for a long time. … It seems to be generally agreed upon that it is software’s responsibility to guard against this kind of attack.
Making it easier to break ASLR feels like the biggest potential problem here, and I’m not sure it really is one.
Aand here come the AMD fanbois. For example, Metal Messiah is here to shave us:
Actually, a vast majority of ‘speculative execution’ attacks don’t impact AMD, with a few exceptions. … AMD’s CPUs seem to have significantly higher resiliency against speculative execution attacks compared to Intel.
Ho hum. spectramax has seen it all before:
Putting Intel marketing (awful), and AMD’s marketing (awful again), and their fan bases (toxic) aside, can we acknowledge the fact that working on a computer architecture is an extraordinarily complex task … that requires brilliant people all working together?
Meanwhile, EETech1 loooks ahead:
Pretty soon you’ll be able to order different SKUs for the same processor; one will enforce strict boundaries for everything, the other one will be 10x as fast while potentially giving access to your data in order to optimize calculations per second/watt.
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi or email@example.com. Ask your doctor before reading. Your mileage may vary. E&OE.