
posted by mrpg on Wednesday August 15 2018, @02:02AM
from the [sigh] dept.

Intel's SGX blown wide open by, you guessed it, a speculative execution attack

Another day, another speculative execution-based attack. Data protected by Intel's SGX—data that's meant to be protected even from a malicious or hacked kernel—can be read by an attacker thanks to leaks enabled by speculative execution.

Since publication of the Spectre and Meltdown attacks in January this year, security researchers have been taking a close look at speculative execution and the implications it has for security. All high-speed processors today perform speculative execution: they assume certain things (a register will contain a particular value, a branch will go a particular way) and perform calculations on the basis of those assumptions. It's an important design feature of these chips that's essential to their performance, and it has been for 20 years.

[...] What's in store today? A new Meltdown-inspired attack on Intel's SGX, given the name Foreshadow by the researchers who found it. Two groups of researchers found the vulnerability independently: a team from KU Leuven in Belgium reported it to Intel in early January—just before Meltdown and Spectre went public—and a second team from the University of Michigan, University of Adelaide, and Technion reported it three weeks later.

SGX, standing for Software Guard eXtensions, is a new feature that Intel introduced with its Skylake processors that enables the creation of Trusted Execution Environments (TEEs). TEEs are secure environments where both the code and the data the code works with are protected to ensure their confidentiality (nothing else on the system can spy on them) and integrity (any tampering with the code or data can be detected). SGX is used to create what are called enclaves: secure blocks of memory containing code and data. The contents of an enclave are transparently encrypted every time they're written to RAM and decrypted on being read. The processor governs access to the enclave memory: any attempt to access the enclave's memory from outside the enclave should be blocked.

[...] As with many of the other speculative execution issues, a large part of the fix comes in the form of microcode updates, and in this case, the microcode updates are already released and in the wild and have been for some weeks. With the updated microcode, every time the processor leaves execution of an enclave, it also flushes the level 1 cache. With no data in the level 1 cache, there's no scope for the L1 Terminal Fault (L1TF) to take effect. Similarly, with the new microcode, leaving System Management Mode flushes the level 1 cache, protecting SMM data.
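The mitigation described above is something an administrator can verify rather than assume. The script below is an added example, not code from the article or from Intel: it classifies the L1TF status string that the Linux kernel publishes in /sys/devices/system/cpu/vulnerabilities/l1tf and checks /proc/cpuinfo for the flush_l1d flag, which the kernel sets when the microcode exposes the L1 data cache flush that the enclave-exit and SMM-exit mitigations depend on. The exact status wordings matched here follow the kernel's l1tf reporting as I know it and should be treated as an assumption; the sample strings fed to the functions at the end are constructed so the script runs offline.

```shell
#!/bin/sh
# Added example (not from the article): report the host's L1TF (Foreshadow)
# mitigation state as the Linux kernel sees it.

# Map the kernel's l1tf sysfs text onto a short verdict. The "SMT" part of the
# string matters because sibling hyperthreads share the L1 data cache, so a
# flush on enclave or VM exit protects less when the sibling keeps running.
classify_l1tf() {
    case "$1" in
        "Not affected")              echo "not-affected" ;;
        Vulnerable*)                 echo "vulnerable" ;;
        *"SMT disabled"*)            echo "mitigated" ;;
        *"SMT vulnerable"*)          echo "mitigated-smt-exposed" ;;
        "Mitigation: PTE Inversion") echo "mitigated-no-vmx" ;;
        Mitigation:*)                echo "mitigated" ;;
        *)                           echo "unknown" ;;
    esac
}

# Say whether a /proc/cpuinfo "flags" value lists flush_l1d, the feature bit
# the kernel reports when the updated microcode provides the L1D flush command.
has_flush_l1d() {
    case " $1 " in
        *" flush_l1d "*) echo "yes" ;;
        *)               echo "no" ;;
    esac
}

# Live check on a Linux host; the sysfs file only exists on kernels that know
# about L1TF, so its absence is itself a finding.
report_host() {
    f=/sys/devices/system/cpu/vulnerabilities/l1tf
    if [ -r "$f" ]; then
        status=$(cat "$f")
        flags=$(grep '^flags' /proc/cpuinfo 2>/dev/null | head -n1 | cut -d: -f2)
        echo "l1tf status: $status -> $(classify_l1tf "$status")"
        echo "flush_l1d microcode flag: $(has_flush_l1d "$flags")"
    else
        echo "no l1tf status file: kernel predates L1TF reporting" >&2
        return 1
    fi
}

# Constructed sample inputs, so the classification can be seen without sysfs.
for sample in \
    "Not affected" \
    "Vulnerable" \
    "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable" \
    "Mitigation: PTE Inversion; VMX: cache flushes, SMT disabled"; do
    echo "$sample -> $(classify_l1tf "$sample")"
done
echo "constructed flags without flush_l1d -> $(has_flush_l1d ' fpu sse2 ssbd')"
echo "constructed flags with flush_l1d    -> $(has_flush_l1d ' fpu sse2 flush_l1d ssbd')"

# Then the real host, if it exposes the information.
report_host || true
```

A verdict of "vulnerable" or a missing flush_l1d flag means the microcode-level mitigation the article describes is not in place on that host; "mitigated-smt-exposed" means the flush is there but a sibling hyperthread can still observe the L1 data cache while the host runs.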

Also at Engadget and Wired.

  • (Score: 1, Insightful) by Anonymous Coward on Wednesday August 15 2018, @08:05AM (6 children)

    by Anonymous Coward on Wednesday August 15 2018, @08:05AM (#721705)

    What got me thinking is how much energy is wasted through this speculative execution? The values do get calculated (which costs energy), but are discarded afterwards. To me this seems very poor in terms of energy efficiency. On a single system it might not be much (a few milli-/nanowatts maybe), but if one counted up all computers worldwide this could run into megawatts of wasted energy.

  • (Score: 2) by sce7mjm on Wednesday August 15 2018, @10:15AM (2 children)

    by sce7mjm (809) on Wednesday August 15 2018, @10:15AM (#721729)

    A bit like bitcoin?

    • (Score: 0) by Anonymous Coward on Wednesday August 15 2018, @10:24AM

      by Anonymous Coward on Wednesday August 15 2018, @10:24AM (#721730)

      More like a burning light on a place where nobody is.

    • (Score: 2) by coolgopher on Wednesday August 15 2018, @12:55PM

      by coolgopher (1157) on Wednesday August 15 2018, @12:55PM (#721753)

      Cue speculative blockchain implementation jokes...

  • (Score: 2) by HiThere on Wednesday August 15 2018, @05:51PM

    by HiThere (866) Subscriber Badge on Wednesday August 15 2018, @05:51PM (#721864) Journal

    It can't be *that* bad, because Intel chips have the reputation of running cooler than AMD chips. Or maybe that's the energy they save by not doing security checks properly.

    --
    Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
  • (Score: 0) by Anonymous Coward on Wednesday August 15 2018, @09:01PM (1 child)

    by Anonymous Coward on Wednesday August 15 2018, @09:01PM (#721918)

    It's not so simple. By completing the computation faster, you free the CPU earlier, and the system can low-power idle earlier.

    I saw this at the macro scale with a pretty stable load: tuning machines to a "hotter" configuration (faster multiplier, higher vcore) led to less wall power (the systems were completing work and idling for larger percentages of the time, and peripherals powering down was a thing; this was in the spinning-rust days). It's not hard to construct artificial scenarios at the microcode level where the same occurs.

    If you want a car analogy, it's better to drive 10km at 20kph than at 1kph, gas-wise, because idling for 10h is terrible and A/C and music and so on for 10h are not energy-free.

    • (Score: 0) by Anonymous Coward on Saturday August 18 2018, @11:54AM

      by Anonymous Coward on Saturday August 18 2018, @11:54AM (#723099)

      But also an idle computer is terrible waste. A lot of resources have been used to put the machine together, preferably it should run 100% for all its life!

      Definitely not simple.