On the Effectiveness of Same-Domain Memory Deduplication

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Memory deduplication, an OS memory optimization technique that merges identical pages into a single Copy-on-Write (CoW) page, has been shown to be susceptible to a variety of timing side channel attacks, all of which stem from the differences between write times to the CoW page and to the normal page. To mitigate this issue, operating systems only merge pages from the same security domain (e.g., from the same process); moreover, browsers can piggyback on this defense with the recent adoption of site isolation. This was all considered sufficient, because it thwarts existing attacks, which have all relied upon separate domain (e.g., cross-process) scenarios. In this paper, we examine the effectiveness of same-domain memory deduplication as a mitigation by presenting two case studies that show that an attacker can still leverage the deduplication side channel to leak secrets. Specifically, our case studies highlight one key flaw: That it is non-Trivial to separate programs into separate security domains. In the first case study, we examine a client-server scenario-A scenario that inherently requires a server to read data from an untrusted client-And demonstrate that the client can control the alignment of data in memory to disclose the server's secret data. In the second case study, we examine a recent version of Firefox-A browser that has undergone massive efforts to ensure that data from different origins are separated into different domains-And demonstrate that nonetheless, a malicious webpage can exploit the browser's partial implementation of site isolation to leak secret data across tabs. We conclude that same-domain memory deduplication as a defense is difficult to implement correctly, and hence, is insufficient.

Original languageEnglish
Title of host publicationEuroSec '22
Subtitle of host publicationProceedings of the 15th European Workshop on Systems Security
PublisherAssociation for Computing Machinery, Inc
Pages29-35
Number of pages7
ISBN (Electronic)9781450392556
DOIs
Publication statusPublished - Apr 2022
Event15th European Workshop on Systems Security, EuroSec 2022 - Virtual, Online, France
Duration: 5 Apr 20228 Apr 2022

Conference

Conference15th European Workshop on Systems Security, EuroSec 2022
Country/TerritoryFrance
CityVirtual, Online
Period5/04/228/04/22

Bibliographical note

Funding Information:
We thank our shepherd, Alessandro Sorniotti, and the anonymous reviewers for their valuable comments. This work was supported by the EU’s Horizon 2020 research and innovation programme under grant agreement No. 825377 (UNICORE) and by Netherlands Organisation for Scientific Research through project “Intersectž. This paper reflects only the authors’ view. The funding agencies are not responsible for any use that may be made of the information it contains.

Publisher Copyright:
© 2022 ACM.

Keywords

  • memory deduplication
  • side channel attacks

Fingerprint

Dive into the research topics of 'On the Effectiveness of Same-Domain Memory Deduplication'. Together they form a unique fingerprint.

Cite this