Skip to content

Proof-of-concept for I See Dead Micro-Ops transient execution attack

Notifications You must be signed in to change notification settings

yyilong335/iseedeaduops-poc

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

What is this

This is proof-of-concept code for my paper I See Dead micro-ops: Leaking Secrets via Intel/AMD Micro-Op Caches, published here at ISCA 2021 with Logan Moody, Mohammadkazem Taram and Matthew Jordan (click names to see LinkedIn).

We are advised by Ashish Venkat and Dean M. Tullsen in this publication.

Files in this

  • variant-1: this is a modified Spectre-v1 attack that uses the micro-op cache instead of the LLC
  • lfence-bypass: this is a proof-of-concept that the micro-op cache can make inserting LFENCE useless against spectre attacks
  • environment1: this contains a script to collect environmental information and a record of the environment on which the POC code was run.

How to use this

Clone this repository into a linux server with build-essential installed. We used a Equinix s3.large.x86 server (Coffee Lake architecture) to test.

Each folder contains a ./run script and the lfence-bypass contains a README with extra instructions.

About

Proof-of-concept for I See Dead Micro-Ops transient execution attack

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C++ 83.3%
  • HTML 14.7%
  • Other 2.0%