RIDL: Rogue in-flight data load

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

We present Rogue In-flight Data Load (RIDL), a new class of speculative unprivileged and constrained attacks to leak arbitrary data across address spaces and privilege boundaries (e.g., process, kernel, SGX, and even CPU-internal operations). Our reverse engineering efforts show such vulnerabilities originate from a variety of micro-optimizations pervasive in commodity (Intel) processors, which cause the CPU to speculatively serve loads using extraneous CPU-internal in-flight data (e.g., in the line fill buffers). Contrary to other state-of-the-art speculative execution attacks, such as Spectre, Meltdown and Foreshadow, RIDL can leak this arbitrary in-flight data with no assumptions on the state of the caches or translation data structures controlled by privileged software. The implications are worrisome. First, RIDL attacks can be implemented even from linear execution with no invalid page faults, eliminating the need for exception suppression mechanisms and enabling system-wide attacks from arbitrary unprivileged code (including JavaScript in the browser). To exemplify such attacks, we build a number of practical exploits that leak sensitive information from victim processes, virtual machines, kernel, SGX and CPU-internal components. Second, and perhaps more importantly, RIDL bypasses all existing 'spot' mitigations in software (e.g., KPTI, PTE inversion) and hardware (e.g., speculative store bypass disable) and cannot easily be mitigated even by more heavyweight defenses (e.g., L1D flushing or disabling SMT). RIDL questions the sustainability of a per-variant, spot mitigation strategy and suggests more fundamental mitigations are needed to contain ever-emerging speculative execution attacks.

Original languageEnglish
Title of host publicationProceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages88-105
Number of pages18
ISBN (Electronic)9781538666609
DOIs
Publication statusPublished - May 2019
Event40th IEEE Symposium on Security and Privacy, SP 2019 - San Francisco, United States
Duration: 19 May 201923 May 2019

Publication series

NameProceedings - IEEE Symposium on Security and Privacy
Volume2019-May
ISSN (Print)1081-6011

Conference

Conference40th IEEE Symposium on Security and Privacy, SP 2019
CountryUnited States
CitySan Francisco
Period19/05/1923/05/19

Fingerprint

Program processors
Reverse engineering
Surface mount technology
Data structures
Sustainable development
Hardware

Keywords

  • Side-channels
  • Speculative-execution-attacks

Cite this

Van Schaik, S., Milburn, A., Osterlund, S., Frigo, P., Maisuradze, G., Razavi, K., ... Giuffrida, C. (2019). RIDL: Rogue in-flight data load. In Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019 (pp. 88-105). [8835281] (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2019-May). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SP.2019.00087
Van Schaik, Stephan ; Milburn, Alyssa ; Osterlund, Sebastian ; Frigo, Pietro ; Maisuradze, Giorgi ; Razavi, Kaveh ; Bos, Herbert ; Giuffrida, Cristiano. / RIDL: Rogue in-flight data load. Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 88-105 (Proceedings - IEEE Symposium on Security and Privacy).
@inproceedings{b97cb30eee304695910316fa9246a1a2,
title = "RIDL: Rogue in-flight data load",
abstract = "We present Rogue In-flight Data Load (RIDL), a new class of speculative unprivileged and constrained attacks to leak arbitrary data across address spaces and privilege boundaries (e.g., process, kernel, SGX, and even CPU-internal operations). Our reverse engineering efforts show such vulnerabilities originate from a variety of micro-optimizations pervasive in commodity (Intel) processors, which cause the CPU to speculatively serve loads using extraneous CPU-internal in-flight data (e.g., in the line fill buffers). Contrary to other state-of-the-art speculative execution attacks, such as Spectre, Meltdown and Foreshadow, RIDL can leak this arbitrary in-flight data with no assumptions on the state of the caches or translation data structures controlled by privileged software. The implications are worrisome. First, RIDL attacks can be implemented even from linear execution with no invalid page faults, eliminating the need for exception suppression mechanisms and enabling system-wide attacks from arbitrary unprivileged code (including JavaScript in the browser). To exemplify such attacks, we build a number of practical exploits that leak sensitive information from victim processes, virtual machines, kernel, SGX and CPU-internal components. Second, and perhaps more importantly, RIDL bypasses all existing 'spot' mitigations in software (e.g., KPTI, PTE inversion) and hardware (e.g., speculative store bypass disable) and cannot easily be mitigated even by more heavyweight defenses (e.g., L1D flushing or disabling SMT). RIDL questions the sustainability of a per-variant, spot mitigation strategy and suggests more fundamental mitigations are needed to contain ever-emerging speculative execution attacks.",
keywords = "Side-channels, Speculative-execution-attacks",
author = "{Van Schaik}, Stephan and Alyssa Milburn and Sebastian Osterlund and Pietro Frigo and Giorgi Maisuradze and Kaveh Razavi and Herbert Bos and Cristiano Giuffrida",
year = "2019",
month = "5",
doi = "10.1109/SP.2019.00087",
language = "English",
series = "Proceedings - IEEE Symposium on Security and Privacy",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "88--105",
booktitle = "Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019",
address = "United States",

}

Van Schaik, S, Milburn, A, Osterlund, S, Frigo, P, Maisuradze, G, Razavi, K, Bos, H & Giuffrida, C 2019, RIDL: Rogue in-flight data load. in Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019., 8835281, Proceedings - IEEE Symposium on Security and Privacy, vol. 2019-May, Institute of Electrical and Electronics Engineers Inc., pp. 88-105, 40th IEEE Symposium on Security and Privacy, SP 2019, San Francisco, United States, 19/05/19. https://doi.org/10.1109/SP.2019.00087

RIDL: Rogue in-flight data load. / Van Schaik, Stephan; Milburn, Alyssa; Osterlund, Sebastian; Frigo, Pietro; Maisuradze, Giorgi; Razavi, Kaveh; Bos, Herbert; Giuffrida, Cristiano.

Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019. Institute of Electrical and Electronics Engineers Inc., 2019. p. 88-105 8835281 (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2019-May).

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

TY - GEN

T1 - RIDL: Rogue in-flight data load

AU - Van Schaik, Stephan

AU - Milburn, Alyssa

AU - Osterlund, Sebastian

AU - Frigo, Pietro

AU - Maisuradze, Giorgi

AU - Razavi, Kaveh

AU - Bos, Herbert

AU - Giuffrida, Cristiano

PY - 2019/5

Y1 - 2019/5

N2 - We present Rogue In-flight Data Load (RIDL), a new class of speculative unprivileged and constrained attacks to leak arbitrary data across address spaces and privilege boundaries (e.g., process, kernel, SGX, and even CPU-internal operations). Our reverse engineering efforts show such vulnerabilities originate from a variety of micro-optimizations pervasive in commodity (Intel) processors, which cause the CPU to speculatively serve loads using extraneous CPU-internal in-flight data (e.g., in the line fill buffers). Contrary to other state-of-the-art speculative execution attacks, such as Spectre, Meltdown and Foreshadow, RIDL can leak this arbitrary in-flight data with no assumptions on the state of the caches or translation data structures controlled by privileged software. The implications are worrisome. First, RIDL attacks can be implemented even from linear execution with no invalid page faults, eliminating the need for exception suppression mechanisms and enabling system-wide attacks from arbitrary unprivileged code (including JavaScript in the browser). To exemplify such attacks, we build a number of practical exploits that leak sensitive information from victim processes, virtual machines, kernel, SGX and CPU-internal components. Second, and perhaps more importantly, RIDL bypasses all existing 'spot' mitigations in software (e.g., KPTI, PTE inversion) and hardware (e.g., speculative store bypass disable) and cannot easily be mitigated even by more heavyweight defenses (e.g., L1D flushing or disabling SMT). RIDL questions the sustainability of a per-variant, spot mitigation strategy and suggests more fundamental mitigations are needed to contain ever-emerging speculative execution attacks.

AB - We present Rogue In-flight Data Load (RIDL), a new class of speculative unprivileged and constrained attacks to leak arbitrary data across address spaces and privilege boundaries (e.g., process, kernel, SGX, and even CPU-internal operations). Our reverse engineering efforts show such vulnerabilities originate from a variety of micro-optimizations pervasive in commodity (Intel) processors, which cause the CPU to speculatively serve loads using extraneous CPU-internal in-flight data (e.g., in the line fill buffers). Contrary to other state-of-the-art speculative execution attacks, such as Spectre, Meltdown and Foreshadow, RIDL can leak this arbitrary in-flight data with no assumptions on the state of the caches or translation data structures controlled by privileged software. The implications are worrisome. First, RIDL attacks can be implemented even from linear execution with no invalid page faults, eliminating the need for exception suppression mechanisms and enabling system-wide attacks from arbitrary unprivileged code (including JavaScript in the browser). To exemplify such attacks, we build a number of practical exploits that leak sensitive information from victim processes, virtual machines, kernel, SGX and CPU-internal components. Second, and perhaps more importantly, RIDL bypasses all existing 'spot' mitigations in software (e.g., KPTI, PTE inversion) and hardware (e.g., speculative store bypass disable) and cannot easily be mitigated even by more heavyweight defenses (e.g., L1D flushing or disabling SMT). RIDL questions the sustainability of a per-variant, spot mitigation strategy and suggests more fundamental mitigations are needed to contain ever-emerging speculative execution attacks.

KW - Side-channels

KW - Speculative-execution-attacks

UR - http://www.scopus.com/inward/record.url?scp=85072932636&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85072932636&partnerID=8YFLogxK

U2 - 10.1109/SP.2019.00087

DO - 10.1109/SP.2019.00087

M3 - Conference contribution

T3 - Proceedings - IEEE Symposium on Security and Privacy

SP - 88

EP - 105

BT - Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Van Schaik S, Milburn A, Osterlund S, Frigo P, Maisuradze G, Razavi K et al. RIDL: Rogue in-flight data load. In Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 88-105. 8835281. (Proceedings - IEEE Symposium on Security and Privacy). https://doi.org/10.1109/SP.2019.00087