CAPEC-663: Exploitation of Transient Instruction Execution
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
An adversary exploits a hardware design flaw in a CPU implementation of transient instruction execution to expose sensitive data and bypass/subvert access control over restricted resources. Typically, the adversary conducts a covert channel attack to target non-discarded microarchitectural changes caused by transient executions such as speculative execution, branch prediction, instruction pipelining, and/or out-of-order execution. The transient execution results in a series of instructions (gadgets) which construct covert channel and access/transfer the secret data.
执行流程
步骤 1 Explore
[Survey target application and relevant OS shared code libraries] Adversary identifies vulnerable transient instruction sets and the code/function calls to trigger them as well as instruction sets or code fragments (gadgets) to perform attack.
- Utilize Disassembler and Debugger tools to examine and trace instruction set execution of source code and shared code libraries on a system.
步骤 2 Explore
[Explore cache and identify impacts] Utilize tools to understand the impact of transient instruction execution upon address spaces and CPU operations.
- Run OS or application specific tools that examine the contents of cache.
步骤 1 Experiment
[Cause conditions for identified transient instruction set execution] Adversary ensures that specific code/instructions of the target process are executed by CPU, so desired transient instructions are executed.
步骤 2 Experiment
[Cause specific secret data to be cached from restricted address space] Executed instruction sets (gadgets) in target address space, initially executed via adversary-chosen transient instructions sets, establish covert channel and transfer secret data across this channel to cache.
- Prediction-based - adversary trains CPU to incorrectly predict/speculate conditions for instruction execution to be true, hence executing adversary-chosen transient instructions. These prediction-based methods include: Pattern History Table (PHT)/Input Validation Bypass, Branch Target Buffer (BTB)/Branch Target Injection, Return Stack Buffer (RSB)/Return Address Injection, and Store To Load (STL)/Speculative Store Bypass.
- Exception/Fault-based - adversary has CPU execute transient instructions that raise an exception allowing inaccessible memory space to be accessed via out-of-order execution. These exception/fault-based methods include: Supervisor-only Bypass, Virtual Translation Bypass, System Register Bypass, FPU Register Bypass, Read-only Bypass, Protection Key Bypass, and Bounds Check Bypass.
步骤 1 Exploit
[Perform covert channel attack to obtain/access secret data] Adversary process code removes instructions/data from shared cache set, waits for target process to reinsert them back into cache, to identify location of secret data via a timing method. Adversary continuously repeat this process to identify and access entirety of targeted secret data.
- Flush+Reload - adversary frequently flushes targeted memory cache line using a dedicated machine flush instruction, and uses another process to measure time taken for CPU to load victim secret data.
- Evict+Time - adversary causes victim to load target set into cache and measures time for victim process to load this data, setting a baseline. Adversary evicts a specified cache line and causes victim process to execute again, and measures any change in execution time, to determine if cache line was accessed.
- Prime+Probe - adversary primes cache by filling cache line(s) or set(s) with data, after some time victim process evicts this adversary data to replace it with secret data. The adversary then probes/accesses all the previously accessed cache lines detecting cache misses, which determine that their attacker data has been evicted and replaced with secret data from victim process.
前提条件
- The adversary needs at least user execution access to a system and a maliciously crafted program/application/process with unprivileged code to misuse transient instruction set execution of the CPU.
所需技能
所需资源
- C2C mechanism or direct access to victim system, capable of dropping malicious program and collecting covert channel attack data.
- Malicious program capable of triggering execution of transient instructions or vulnerable instruction sequences of victim program and performing a covert channel attack to gather data from victim process memory space. Ultimately, the speed with which an attacker discovers a secret is directly proportional to the computational resources of the victim machine.
后果影响
影响范围: Confidentiality
技术影响: Read Data
影响范围: Access Control
技术影响: Bypass Protection Mechanism
影响范围: Authorization
技术影响: Execute Unauthorized Commands
缓解措施
Implementation: DAWG (Dynamically Allocated Way Guard) - processor cache properly divided between different programs/processes that don't share resources
Implementation: KPTI (Kernel Page-Table Isolation) to completely separate user-space and kernel space page tables
Configuration: Architectural Design of Microcode to limit abuse of speculative execution and out-of-order execution
Configuration: Disable SharedArrayBuffer for Web Browsers
Configuration: Disable Copy-on-Write between Cloud VMs
Configuration: Privilege Checks on Cache Flush Instructions
Implementation: Non-inclusive Cache Memories to prevent Flush+Reload Attacks