a group of iResearchers from the Graz University of Technology (Austria), formerly known for developing the MDS, NetSpectre, Throwhammer and ZombieLoad attacks, has revealed a new side channel attack (CVE-2021-46778) in the AMD processor's scheduler queue used to schedule the execution of instructions in different execution units of the CPU.
The attack, called SQUIP, allows to determine the data used in the calculations in another process or virtual machine or organize a hidden communication channel between processes or virtual machines that allows data to be exchanged without going through the system access control mechanisms.
All the AMD CPUs based on 1st, 2nd and 3rd Zen microarchitectures generation (AMD Ryzen 2000-5000, AMD Ryzen Threadripper, AMD Athlon 3000, AMD EPYC) Are affected when Simultaneous Multithreading (SMT) technology is used.
Modern CPUs use a superscalar design, where multiple instructions are executed simultaneously to maximize performance. These CPUs process instructions in a pipeline through several stages: (1) fetch, (2) decode, (3) program/execute, and (4) fetch.
The attack is based on evaluating the level of occurrence of contention (contention level) in different scheduler queues and is done through the measurement of delays when starting check operations performed in another SMT thread on the same physical CPU. To analyze the content, the Prime+Probe method was used, which involves filling the queue with a set of reference values and determining the changes by measuring the access time to them at the time of reload.
The program/execute stage can process instructions out of order to maximize instruction level parallelism. We briefly describe each of these stages:
-Search. The CPU looks for the next instruction to execute from the L1i cache.
-Decode. To allow efficient execution, the obtained instructions (macro operations) are decoded into one or more simpler microoperations (µops) and placed in a µop queue. These µops are fed into the backend, where they are scheduled and executed.
-Schedule/Run. The scheduler(s) keep track of which µops are ready for execution (have available inputs) and dynamically schedule them (out of order) to the available execution units. A CPU core has multiple execution units and can have multiple arithmetic and logic units (ALUs), branch execution units (BRUs), address generation units (AGUs).
During the experiment, researchers were able to completely recreate the 4096-bit private RSA key used to create digital signatures using the mbedTLS 3.0 cryptographic library, which uses the Montgomery algorithm to raise a number to a power modulus. 50.500 traces were needed to determine the key.
Total attack time took 38 minutes. Attack variants that provide a leak between different processes and virtual machines controlled by the KVM hypervisor are demonstrated. It is also shown that the method can be used to orchestrate covert data transfer between virtual machines at a rate of 0,89 Mbit/s and between processes at a rate of 2,70 Mbit/s with an error rate of less than 0,8, XNUMX%.
The CPU core is divided into multiple logical cores, or threads, executing independent instruction streams but sharing resources such as the L1i cache. µops of these threads also share execution units dynamically to allow higher total utilization. The partition of different parts of the kernel.
It is done through competitive exchange. AMD Zen architectures allow two threads
per core. These threads can be from a single program or from different programs, as managed by the operating system.
Intel processors are not susceptible attack because they use a single scheduling queue, while vulnerable AMD processors use separate queues for each execution unit.
As a solution to block information leakage, AMD recommended that developers use algorithms that always perform mathematical calculations in constant time, regardless of the nature of the data being processed, and also prevent forking based on secret data.
Finally, if you are interested in being able to know more about it, you can consult the details in the following link.