Side-channel attacks based on speculative execution access sensitive data and use transmitters to leak such data during wrong-path execution. Speculative side-channel defenses have been proposed to prevent such information leakage. In one class of defenses, speculative instructions are considered unsafe and are delayed until they become non-speculative.

However, not all speculative instructions are unsafe: Recent work demonstrates that speculative invariant instructions are independent of a speculative control-flow path and are guaranteed to eventually execute and commit, regardless of the outcome of the performed speculation. Compile-time information coupled with run-time mechanisms can then selectively lift defenses for Speculative Invariant instructions, regaining some of the performance lost to "delay" defenses.

Unfortunately, speculative invariance can be easily mishandled with Speculative Interference to leak information using a new side-channel that we introduce in this paper. Recent work shows that younger speculative instructions can interfere with older non-speculative instructions that are bound to commit. This "backward" speculative interference reveals speculatively accessed secrets through the non-speculative instructions, in a way that delay-defenses do not cover, rendering them ineffective for this type of attack.

In our work, we show that the counterpart to backward speculative interference, i.e., forward speculative interference, enables older speculative instructions to interfere with younger speculative-invariant (bound-to-commit) instructions, effectively turning them into transmitters for secret data accessed during speculation. We demonstrate forward speculative interference on real hardware, by selectively filling the reorder buffer (ROB) with spurious instructions, pushing speculative-invariant instructions in-or-out of the ROB on demand, based on a speculatively accessed secret. This reveals the speculatively accessed secret, as the occupancy of the ROB itself becomes a new speculative side-channel. We also demonstrate that it is possible to use the x86 ISA REP prefix, which unrolls as a micro-op loop in the microarchitecture at decode time (before any side-channel defenses have taken effect), as a method for generating spurious instructions. We propose several mitigations that range from changing compile-time decisions for speculative-invariance to run-time mechanisms that aim to make ROB occupancy operand-independent.
Speculative side-channel attacks access sensitive data and use transmitters to leak the data during wrong-path execution. Various defenses have been proposed to prevent such information leakage. However, not all speculatively executed instructions are unsafe: Recent work demonstrates that speculation invariant instructions are independent of speculative control-flow paths and are guaranteed to eventually commit, regardless of the speculation outcome. Compile-time information coupled with run-time mechanisms can then selectively lift defenses for speculation invariant instructions, reclaiming some of the lost performance.

Unfortunately, speculation invariant instructions can easily be manipulated by a form of speculative interference to leak information via a new side-channel that we introduce in this paper. We show that forward speculative interference, where older speculative instructions interfere with younger speculation invariant instructions, effectively turns them into transmitters for secret data accessed during speculation. We demonstrate forward speculative interference on actual hardware, by selectively filling the reorder buffer (ROB) with instructions, pushing speculative invariant instructions in-or-out of the ROB on demand, based on a speculatively accessed secret. This reveals the speculatively accessed secret, as the occupancy of the ROB itself becomes a new speculative side-channel.
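The ROB-contention mechanism that both abstracts describe, as an added toy model rather than the paper's own code or experiments: a tiny in-order-retire ROB in which a slowly resolving branch blocks retirement, a secret-dependent number of spurious micro-ops occupies the remaining entries, and the cycle at which a younger speculation-invariant load can enter the ROB therefore depends on the secret. The ROB size, latencies and micro-op counts are constructed, and the "always allocate the maximum footprint" policy is one illustration of operand-independent occupancy, not the paper's specific mitigation.

```python
from dataclasses import dataclass

ROB_SIZE = 4          # constructed: a tiny ROB so the contention is visible
BRANCH_LATENCY = 20   # constructed: the branch resolves slowly (e.g. waits on a miss)
MAX_SPURIOUS = 6      # constructed: largest REP-style expansion the window produces


@dataclass
class Uop:
    name: str
    latency: int            # execution cycles before the uop is ready to retire
    invariant: bool = False # True for the speculation-invariant load


def speculative_window(secret_bit: int, operand_independent: bool) -> list:
    """Micro-ops issued on the speculative path after the branch.

    Insecure: the number of spurious uops depends on the secret bit.
    Mitigated: always allocate the maximum footprint, so ROB occupancy
    carries no information about the operand (hypothetical policy)."""
    n = MAX_SPURIOUS if (secret_bit or operand_independent) else 1
    return [Uop("spurious", 1) for _ in range(n)]


def invariant_entry_cycle(secret_bit: int, operand_independent: bool = False) -> int:
    """Cycle in which the speculation-invariant load is allocated a ROB entry."""
    stream = [Uop("branch", BRANCH_LATENCY)]
    stream += speculative_window(secret_bit, operand_independent)
    stream.append(Uop("invariant_load", 1, invariant=True))
    rob = []      # entries: [uop, cycles_remaining]; index 0 is the oldest
    cycle = 0
    while stream:
        # In-order retirement: only the oldest entry can leave the ROB,
        # so the unresolved branch pins everything behind it.
        if rob and rob[0][1] <= 0:
            rob.pop(0)
        # One allocation per cycle, and only when the ROB has a free entry.
        if len(rob) < ROB_SIZE:
            uop = stream.pop(0)
            rob.append([uop, uop.latency])
            if uop.invariant:
                return cycle
        # Out-of-order execution: every resident uop makes progress each cycle.
        for entry in rob:
            entry[1] -= 1
        cycle += 1
    raise RuntimeError("invariant load never allocated")


if __name__ == "__main__":
    for bit in (0, 1):
        print(f"secret={bit}: insecure entry cycle {invariant_entry_cycle(bit)}, "
              f"operand-independent {invariant_entry_cycle(bit, True)}")
```

With the constructed parameters the insecure variant admits the invariant load at cycle 2 when the secret bit is 0 and at cycle 23 when it is 1, because the six spurious uops fill the ROB until the branch retires; the padded variant yields cycle 23 for both values, which removes the channel at the cost of the occupancy the mitigation forces.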