Security Software

Rogue Data Cache Load / CVE-2017-5754 / INTEL-SA-00088

2018-01-03
2018-01-03
5.6

Medium

Industry-wide severity ratings can be found in the National Vulnerability Database

Critical
Medium
High
Low

Aliases

  • Meltdown
  • Variant 3

Overview

This method involves an application (user) attacker directly probing kernel (supervisor) memory. Such an operation typically results in a program error (page fault due to page table permissions). However, it is possible for such an operation to be speculatively executed under certain conditions for certain implementations. For instance, on some implementations speculatively probing memory will only pass data on to subsequent operations if the data is resident in the lowest level data cache (L1). This can allow the data in question to be queried by the malicious application, leading to a side channel that reveals supervisor data. This method only applies to regions of memory designated supervisor-only by the page tables, not memory designated as not present.
 

Mitigation

For this method, the operating system software may ensure that privileged pages are not mapped when executing user code to prevent user mode from accessing privileged pages. The OS can establish two paging structure roots (CR3 values) for each user process:

  • The User paging structure should map all application pages, but only the minimal subset of supervisor pages required for normal processor operation and for transitioning to and from full supervisor mode.
  • The Supervisor paging structure should map all kernel pages. It may wish to map application pages as well, for convenient access.  

This basic dual-page-table approach was previously proposed as a mitigation for side channel attacks on Kernel Address Space Layout Randomization (KASLR) in the “KASLR is Dead: Long Live KASLR” paper and was called KAISER. This approach also mitigates Rogue Data Cache Load. Intel has worked with various OS vendors to enable a dual-page-table approach in their operating systems.

The Process Context Identifier (PCID) is a processor feature that can greatly reduce the performance cost of TLB flushes caused by frequent reloading of CR3 during user/supervisor mode transitions. OSes can take advantage of this feature on processors that support PCID.

Future Intel processors will also have hardware support for mitigating Rogue Data Cache Load.

OS and driver developers

Linux*

Rogue data cache load exploit targets a processor’s speculative data loading mechanisms. Even though the processor’s access control may protect a piece of data, it may still be read speculatively before an illegal access is determined to exist. The rogue data cache load exploit occurs entirely within code which is under the control of an attacker. This means we cannot modify the kernel to mitigate this exploit—we must fundamentally change where kernel data is available. The mitigation for this is conceptually very simple: instead of relying on a processor’s access-control mechanisms to protect data, simply remove the data instead.

In Linux*, this mitigation is referred to as Kernel Page Table Isolation (KPTI). This mitigation removes the data from the reach of exploits by having the kernel maintain two independent copies of the hardware page tables. One copy contains the minimal set of data and code needed to run an application and enter or exit the kernel, but it does not contain valuable kernel data. This helps ensure no valuable data can be leaked by an exploit running outside the kernel. The other set of page tables, active only while the kernel is running, contains everything needed for the kernel to function normally, including its private data.

Microsoft Windows*

Refer to Microsoft*’s public blogs for servers and clients.

References


Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. Performance varies depending on system configuration. Check with your system manufacturer or retailer or learn more at www.intel.com.

All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.

Intel provides these materials as-is, with no express or implied warranties.

No product can be absolutely secure.

Intel, the Intel logo, Intel Core, Intel Atom, Intel Xeon, Intel Xeon Phi, Intel® C Compiler, Intel Software Guard Extensions, and Intel® Trusted Execution Engine are trademarks of Intel Corporation in the U.S. and/or other countries.

*Other names and brands may be claimed as the property of others.