Thursday 27 October 2016
This paper is a pretty interesting attack on kernel ASLR, based on observing timing differences in (invalid) accesses to kernel memory from user-space with Intel's TSX hardware transactional memory primitives. There is other recent work on kernel ASLR information leaks based on cache timing and BTB timing. I was a bit underwhelmed by the BTB attacks but this TSX-based attack is much stronger. My guess is that there are a lot more timing-channel and other side-channel attacks to be discovered under this thread model. While I was at Berkeley, I was quite stunned to hear that Intel's SGX enclave extension was designed for a threat model that explicitly excludes side-channel attacks!
This all reminds me of the wave of CFI bypass attacks. CFI and ASLR are supposed to reduce exploitability of bugs providing attack primitives like buffer overflows, but in the long run, they may not be much good. This increases the importance of denying attackers access to these primitives in the first place. Programming languages that reduce the TCB are an important part of that. Glad to be writing most of our new code in Rust!
Tangentially, I wonder whether the publication of the TSX-timing-channel paper was a good thing overall (other than for the careers of the researchers), given the paper's conclusion that there are no practical countermeasures without hardware changes or significant performance degradation ... not even a microcode update to disable TSX is available. Ostensibly the value of attack papers, like white-hat security analysis, is to stimulate the creation and deployment of defensive countermeasures, but in this case there really aren't any. Would we all be better off, in practice, if the issue had been reported to hardware vendors and silently fixed, with microcode updates available for older hardware, before publication? Like Andrew Myers, I feel that the incentives to favour attack research over defense mean we're spending a lot of public money to mostly make the security situation worse.