Computer Architecture and Security

XKCD about security

In this section, I am going to talk about some recently discovered security vulnerabilities, Spectre and Meltdown. These vulnerabilities were first publicized at the beginning of 2018. Since then, there has been a large number of similar vulnerabilities discovered including Foreshadow, Fallout, in March of 2020 LVI, and, most recently Platypus in November 2020! To be honest, I thought they had run out of clever names with LVI and that they might stop finding new avenues for attacks. I guess I was wrong!

Why talk about these vulnerabilities

The discovery of these vulnerabilities has fundamentally change how (most) computer architects think about building systems, myself included. In this video, I describe that we are talking about these vulnerabilities because they touch on many concepts that we will learn in this class.

A brief overview of Meltdown

These attacks made huge news when they were first announced from tech-based sites like Ars Technica and Wired to mainstream media like The New York Times. (BTW, since you’re a student at UC Davis, you can access the NYTimes for free through the library.)

Not only did the news cover it, but so did YouTubers. I think the video below gives a good, quick, explanation of Meltdown. After watching this video, I’m going to go through some of the details that it missed.

A little deeper on Meltdown

Video explaining Meltdown works.

Code taken from https://github.com/IAIK/meltdown. If you run this code on your computer, you can find out if you’re vulnerable to Meltdown. If you’ve updated your OS in the last two years, you should be OK.

Discussion

What security vulnerability is the following if statement supposed to protect against?

if (x < size) {
    y = array[x];
}

Why doesn’t this actually provide the protection expected by the programmer?

Discuss in the Discord app!
Or, on the web

What about Spectre?

Spectre is actually much worse than Meltdown. Below, I’ll talk about how to mitigate Meltdown, but mitigating Spectre is basically impossible without completely redesigning the processor. I explain more about Spectre works below.

A video explaining how Spectre works.

Code taken from https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6. If you run this code on your computer, you can find out if you’re vulnerable to Spectre. Many (most?) systems are still vulnerable to this code!

See a blog post I wrote about simulating Spectre with the gem5 simulator for more details about how Spectre affects the microarchitecture of an out-of-order core.

Discussion

What does ‘fetching’ an instruction mean? What does ‘executing’ an instruction mean?

Look ahead to the Processor Architecture section to find out more!

Discuss in the Discord app!
Or, on the web

Take away and something to think about

Video describing the key problems that led to Spectre and Meltdown.

Required readings

As mentioned in the video above, in our first discussion we will talk about the ethical implications of disclosing hardware vulnerabilities. Before your discussion section, read these two short blog posts and write one paragraph explaining whether you believe researchers should disclose vulnerabilities. Turn this in on Canvas. (Note: the above video said to turn this in on Gradescope, but please use the Canvas link above instead.)

These were written for the SIGARCH Computer Architecture Today Blog. SIGARCH is the ACM’s special interest group (SIG) for computer architecture. This is the professional and research society for computer architects. If you’re interested in cutting edge computer architecture research and you don’t want to wade through 12 page research papers, the SIGARCH blog is a great way to see what’s going on in the research community. I even wrote one about the simulator infrastructure development going on here at UC Davis!

QUIZ Security and architecture

Use Canvas to complete the quiz

Extra reading

Actually, this exact bug happened back in 2005, but no one knew it could be used to exfiltrate data. They just thought it was a nasty one-off bug.

This blog post describes how a very similar bug was discovered in the Xbox 360 hardware and how it reeked havoc on the game developers before the Xbox engineers “fixed” the problem by removing what they thought was a clever feature.

Discussion

General discussion

Discuss in the Discord app!
Or, on the web


Previous submodule: