1
Meltdown / Spectre issue?
WELCOME! So… How big a deal is the Meltdown / Spectre issue?
2
How big a deal is the Meltdown / Spectre cybersecurity issue?
Affects just about anything with a CPU since 1995.
3
What is the issue?
A hardware vulnerability that could allow an attacker to access sensitive data in the protected KERNEL memory of a device, including passwords, crypto keys, personal data and anything else. Heavily impacts Intel CPUs, but others are not immune, including AMD. This includes ARM processors found in MS Surface, as well as smartphones, tablets, multimedia players and other mobile devices, such as wearables. Apple devices are not immune.
4
Side note
There's also a not-safe-for-work nickname that was reportedly conceived by the Linux kernel team: F***WIT (which stands for "Forcefully Unmap Complete Kernel With Interrupt Trampolines").
5
Why are we just hearing about it?
It turns out that Intel and a handful of software development giants, among them Apple, Microsoft, and the Linux kernel developers, have known about the design flaw since at least November 2017 and have been working behind the scenes to prepare for a coordinated public disclosure and remediation of the issue. (At least, that was the plan until "python sweetness" and The Register brought the issue out of obscurity and into the public spotlight.)
6
More Details
Whenever a running program needs to do anything useful – such as write to a file or open a network connection – it has to temporarily hand control of the processor to the kernel to carry out the job. To make the transition from user mode to kernel mode and back to user mode as fast and efficient as possible, the kernel is present in all processes' virtual memory address spaces, although it is invisible to these programs. When the kernel is needed, the program makes a system call, the processor switches to kernel mode and enters the kernel. When it is done, the CPU is told to switch back to user mode and reenter the process. While in user mode, the kernel's code and data remain out of sight but present in the process's page tables.
7
More Details
User programs have to utilize the KERNEL to access memory, including memory allocation to the KERNEL and to that USER program.
8
Think of it as three separate spaces
[Diagram labels: hardware on chip, CPU cache, memory, USER space, KERNEL space]
9
More Details
Abstraction - There is a “little bit” of the KERNEL in memory allocated to each program. Newer CPUs come with a hardware CPU cache and predictive “look-forward” capability to anticipate what a program might need before it is needed.
10
More Details
[Diagram: as before, with the CPU cache labelled "aka Kernel Page Table"]
A user's program cannot access the memory locations reserved to the KERNEL. The KERNEL is in effect invisible to the user program. The user's program can utilize things like device drivers via a SYSTEM CALL that the KERNEL makes available to it.
11
More Details
[Diagram: USER space, KERNEL space and CPU cache, with “Cool secret stuff” labels]
However, a user program can attempt to query memory locations reserved to the KERNEL. Maybe that memory location contains “Cool Secret Stuff”. When they do, they will generate an EXCEPTION (error) condition, but not before the info is cached.
12
More Details
So what happens is the bad guys take advantage of the race condition that temporarily reveals the “Cool Secret Stuff” in the cache in the very brief time before it is cleared.
13
Side Attack
Note that the bad guys have to gather the “Cool Secret Stuff” BEFORE the CPU cache is cleared.
14
Solution – Unmap the Kernel Page Table for USER space processes (programs). Sounds simple, right?
This could cause SERIOUS program slowdowns (2% to 30% hypothesized), especially for applications like VMware.
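On Linux this fix ships as kernel page-table isolation (KPTI), and patched kernels report its status in files under /sys/devices/system/cpu/vulnerabilities. The following Python check is an added example, not part of the original slides; it parses those status strings and falls back to constructed sample values (`SAMPLE`) when the directory is absent.

```python
import os
import re

# Real Linux sysfs directory; one file per CPU issue on patched kernels.
SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"

# Constructed sample values in the kernel's reporting format (not from a real host).
SAMPLE = {
    "meltdown": "Mitigation: PTI",
    "spectre_v1": "Mitigation: __user pointer sanitization",
    "spectre_v2": "Vulnerable",
}

def classify(status):
    """Map one status line to (state, detail); unrecognised text is never treated as safe."""
    m = re.match(r"(Not affected|Mitigation|Vulnerable)(?::\s*(.*))?$", status.strip())
    if m:
        return (m.group(1).lower().replace(" ", "_"), m.group(2) or "")
    return ("unknown", status.strip())

def read_sysfs(path=SYSFS_DIR):
    """Return {issue: raw status}, or {} when the kernel lacks the directory."""
    if not os.path.isdir(path):
        return {}
    out = {}
    for name in sorted(os.listdir(path)):
        try:
            with open(os.path.join(path, name)) as fh:
                out[name] = fh.read().strip()
        except OSError:
            continue
    return out

def report(statuses):
    """Classify every entry and list the issues still reported vulnerable."""
    result = {n: classify(t) for n, t in statuses.items()}
    return result, sorted(n for n, (st, _) in result.items() if st == "vulnerable")

def kpti_enabled(statuses):
    """True when the meltdown entry reports page-table isolation (the unmapping fix)."""
    state, detail = classify(statuses.get("meltdown", ""))
    return state == "mitigation" and "PTI" in detail

if __name__ == "__main__":
    statuses = read_sysfs() or SAMPLE
    result, exposed = report(statuses)
    for name, (state, detail) in result.items():
        print(f"{name:12} {state:12} {detail}")
    print("KPTI enabled:", kpti_enabled(statuses), "| still vulnerable:", exposed or "none")
```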
15
Why have a CPU cache anyway?
The KPT or Kernel Page Table is used to improve processing performance.
17
Meltdown vs. Spectre
Meltdown – Think desktops, servers and laptops.
Spectre – Think mobile and IoT devices.
Source - mashable.com/2018/01/04/google-chrome-spectre-precaution-meltdown/#quZpgg.aTSqS
18
Meltdown vs. Spectre
Meltdown – Patch
Spectre – Protect using browser settings and browser patches for now.
Not so fast. This is a quickly changing issue. Some patches are actually bricking systems. Some AV vendors are blocking the patches. An example is Symantec (but they may have this fixed now; they are working on it as we speak).
19
Interim steps to protect Google Chrome from Spectre:
Browse to chrome://flags/#enable-site-per-process
Click "Enable" on "Strict site isolation."
You'll need to restart your browser, but otherwise that's it.
Google - "The performance loss for Chrome specifically should be negligible."