MMU Magic in JavaScript (POC2017 slides; source: powerofcommunity.net/poc2017/ben.pdf)

Post on 08-Jun-2018


MMU Magic in JavaScript: Breaking ASLR from a Sandbox

Ben Gras, Kaveh Razavi, Erik Bosman, Herbert Bos, Cristiano Giuffrida

VU Amsterdam

1

Done at ...

❖ VUSec systems security academic research group

❖ Defensive & offensive security projects using systems techniques

❖ VU University in Amsterdam

❖ I am an intern with Cisco ASRG now

2

Teaser

❖ Compute virtual addresses of data & code

❖ With microarchitectural MMU side channel, not software

❖ Thereby breaking ASLR

❖ On all modern CPU models - Intel, AMD, ARM

❖ Even from JavaScript

3

Teaser

❖ Visualization - JavaScript - and no software bug

❖ There will be a demo video

4

Big picture: cached page tables

5

[Figure: a page of page-table entries and the cache set its lines map into; labels: Cache Set, Page]

Outline

❖ Background: ASLR & Side Channels

❖ Pagetable walks

❖ CPU Caches

❖ EVICT+TIME

❖ JavaScript

❖ Results

❖ Demo

6

ASLR

7

❖ Main justification

❖ Response to exploitation in the 90s

[Figure: classic process layout without ASLR; labels: Application, Stack at 0xbfffffff, Exec / Non-Exec, 0x08048000, and a run of 0x90909090 (NOP bytes) followed by SHELLCODE at the predictable stack address 0xbffffxyz]

ASLR

8

❖ Let’s randomize both areas: ASLR

❖ Also DEP. So exploitation requires ASLR leak and ROP

[Figure: the same layout with ASLR and DEP; labels: Stack at 0x????????, Application at 0x????????, Exec / Non-Exec, 0x8048abc, 0x8048def, SHELLCODE]

Side Channels

❖ Get secrets by measuring out of the box

❖ Side effect outside the system

❖ e.g. Stethoscopes

❖ e.g. Power analysis

❖ e.g. Timing

❖ e.g. RF

9


Pagetable Walks From DRAM

11

❖ Page tables point to the next step in a tree

[Figure, animated over slides 12 to 23: a four-level page-table walk for the virtual address 0x644b321f4000, shown as the bit string 11001000100101100110010000111110100000000000000 split into the four 9-bit indices. CR3 holds the Level 4 physical address; PTE 200 in Level 4 holds the Level 3 physical address; PTE 300 in Level 3 holds the Level 2 physical address; PTE 400 in Level 2 holds the Level 1 physical address; PTE 500 in Level 1 holds the target physical address. The last frames add the TLB (VAddr to PAddr) and show the page-table (PT) lines that the walk touched sitting in the data cache.]


CPU Caches

25

❖ Memory cache lines can only go into one small cache set

[Figure: DRAM lines and the single cache set each of them can occupy; labels: Cache, DRAM, Cache Set]

Tiny Cache Example

26

❖ 2-way cache, 5 sets per page, showing 2 colors

[Figure, animated over slides 26 to 58: DRAM lines 1 to 30 drawn as six pages of five lines (1-5, 6-10, 11-15, 16-20, 21-25, 26-30), each line colored by its offset within its page, next to the cache and its sets. Lines 1, 2, 3, 7, 18, 17, 27, 22, 12 and 2 are loaded in turn; lines that share a page offset (2, 7, 12, 17, 22, 27) land in the same set and displace one another, while lines 1 and 3 stay cached.]

❖ Eviction sets follow page offsets

Big picture: cached page tables

59

[Figure: a page of page-table entries and the cache set its lines map into; labels: Cache Set, Page]


EVICT+TIME

❖ Flush TLB, forcing pagetable walk

❖ 2x to measure cached lookup time

❖ Flush TLB

❖ Evict first cacheline

❖ Measure possibly-uncached lookup time

❖ Find cacheline dependencies

61

EVICT+TIME in Cache

62

[Figure, animated over slides 62 to 85: the page-table walk for 0x644b321f4000 (CR3: Level 4 physical address; PTE 200: Level 3; PTE 300: Level 2; PTE 400: Level 1; PTE 500: target; TLB VAddr to PAddr; page table in DRAM) drawn next to the tiny cache and DRAM lines 1 to 30. The first lookup brings line 24 into the cache. Loading lines 15 and 5, which belong to other sets, leaves the lookup fast; loading lines 14 and 4, which share a set with 24, evicts it and the lookup is slow again.]

❖ Do address lookup

❖ It was uncached - slow

❖ Let’s do it again

❖ It was cached - fast

❖ Let’s evict

❖ Eviction done - let’s do lookup

❖ Still cached

❖ Let’s evict

❖ Eviction done - let’s do lookup

❖ Uncached now

Ambiguity

86

❖ 2 sources of ambiguity remaining

❖ Which are the 4 levels

❖ 8 slots per cacheline

❖ 4! * 8 * 8 * 8 * 8 = 98304 (17 bits entropy)

❖ We have to vary the target

❖ This varies the slots

[Figure: the four-level walk for 0x644b321f4000 again (CR3: Level 4 physical address; PTE 200: Level 3; PTE 300: Level 2; PTE 400: Level 1; PTE 500: target; bit string 11001000100101100110010000111110100000000000000)]
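The walk, EVICT+TIME and ambiguity slides above, worked through in a constructed Python model. This is an added example, not code from the deck or from VUSec's revanc: the cache geometry (4 KB pages, 8-byte PTEs, 64-byte lines, eviction by page offset as on the tiny cache slides) and the hit/miss times are assumptions, and nothing here touches real hardware.

```python
from math import factorial, log2

# Constructed model, not the deck's or VUSec's code: x86-64 with 4 KB pages,
# 8-byte PTEs and 64-byte cache lines. Only the line offsets of the four PTEs
# inside their page-table pages are modelled; times are made-up units.
PAGE_SIZE, LINE_SIZE, PTE_SIZE = 4096, 64, 8
PTES_PER_LINE = LINE_SIZE // PTE_SIZE      # the "8 slots per cacheline"
LINES_PER_PAGE = PAGE_SIZE // LINE_SIZE    # 64 page offsets a line can have


def pt_indices(vaddr):
    """The four 9-bit page-table indices of a 48-bit address, level 4 first."""
    return [(vaddr >> shift) & 0x1FF for shift in (39, 30, 21, 12)]


def pte_lines(vaddr):
    """Per level: (cache-line offset inside the page-table page, slot in that line)."""
    return [(i // PTES_PER_LINE, i % PTES_PER_LINE) for i in pt_indices(vaddr)]


class WalkModel:
    """A page-table walk whose only observable is how long it takes.

    The secret is which line offsets the four PTEs live at. Eviction works by
    page offset ("eviction sets follow page offsets"); HIT/MISS are constructed.
    """
    HIT, MISS = 10, 200

    def __init__(self, vaddr):
        self._secret = [line for line, _ in pte_lines(vaddr)]
        self._cached = set()
        self._tlb_valid = False

    def flush_tlb(self):
        self._tlb_valid = False

    def evict(self, line_offset):
        """Access an eviction set: any cached line with this page offset is gone."""
        self._cached.discard(line_offset)

    def lookup(self):
        """Touch the target address and return the (constructed) access time."""
        if self._tlb_valid:
            return self.HIT                  # TLB hit: no walk at all
        misses = sum(1 for line in self._secret if line not in self._cached)
        self._cached.update(self._secret)    # the walk pulls its PTE lines in
        self._tlb_valid = True
        return self.HIT + misses * self.MISS


def evict_and_time(model):
    """EVICT+TIME: two warm-up walks give the all-cached baseline, then each
    line offset is evicted in turn and the walk re-timed."""
    model.flush_tlb()
    model.lookup()
    model.flush_tlb()
    baseline = model.lookup()
    slow = set()
    for line in range(LINES_PER_PAGE):
        model.flush_tlb()                    # force a walk instead of a TLB hit
        model.evict(line)
        if model.lookup() > baseline:
            slow.add(line)                   # a PTE of some level lived here
    return sorted(slow)


def remaining_entropy(found_lines):
    """What EVICT+TIME cannot tell: which level each line belongs to (4!) and
    which of the 8 slots in the line holds the PTE (8 per level)."""
    n = len(found_lines)
    combos = factorial(n) * PTES_PER_LINE ** n
    return combos, round(log2(combos))


if __name__ == "__main__":
    target = 0x644B321F4000                  # the address used on the slides
    print("indices:", pt_indices(target))    # [200, 300, 400, 500]
    print("lines found:", evict_and_time(WalkModel(target)))
    print("left over:", remaining_entropy([25, 37, 50, 62]))
```

Shifting the target by eight pages moves only the level-1 PTE to the next line, which is the "vary the target" step on the ambiguity slide.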


JavaScript Complications

❖ A security boundary: sandbox

❖ There are some complications

❖ Instruction re-ordering

❖ Low resolution timer

❖ Contiguous virtual address space

88

Prototypes in Firefox and Chrome

❖ For code: a large block of JIT

❖ Return right away

❖ Don’t forget to flush the iTLB


Results: speed

90

[Figure: remaining virtual address entropy (bits, 0 to 36) against elapsed time (s, 0 to 50); series: Chrome heap (PTL3 cacheline crossing), Firefox heap (PTL3 cacheline crossing), Firefox heap (PTL4 cacheline crossing), Firefox JIT (PTL2 cacheline crossing)]

Results: tested microarchitectures

91

CPU Model Microarchitecture Year

Intel Xeon E3-1240 v5 Skylake 2015

Intel Core i7-6700K Skylake 2015

Intel Celeron N2840 Silvermont 2014

Intel Xeon E5-2658 v2 Ivy Bridge EP 2013

Intel Atom C2750 Silvermont 2013

Intel Core i7-4500U Haswell 2013

Intel Core i7-3632QM Ivy Bridge 2012

Intel Core i7-2620QM Sandy Bridge 2011

Intel Core i5 M480 Westmere 2010

Intel Core i7 920 Nehalem 2008

AMD FX-8350 8-Core Piledriver 2012

AMD FX-8320 8-Core Piledriver 2012

AMD FX-8120 8-Core Bulldozer 2011

AMD Athlon II 640 X4 K10 2010

AMD E-350 Bobcat 2010

AMD Phenom 9550 4-Core K10 2008

Allwinner A64 ARM Cortex A53 2016

Samsung Exynos 5800 ARM Cortex A15 2014

Samsung Exynos 5800 ARM Cortex A7 2014

Nvidia Tegra K1 CD580M-A1 ARM Cortex A15 2014

Nvidia Tegra K1 CD570M-A1 ARM Cortex A15; LPAE 2014


93

Reception

❖ Intel, AMD, ARM: CVE-2017-5925, CVE-2017-5926, CVE-2017-5927

❖ Chrome, Firefox, Safari, Edge: CVE-2017-5928

❖ Apple mitigation in iOS, Safari and tvOS updates

❖ Thank you NCSC-NL

94

Conclusion

❖ There is a micro-architectural MMU cache side channel

❖ Exploitable from JavaScript

❖ It breaks ASLR in sandboxed environments

❖ Project page: https://www.vusec.net/projects/anc/

❖ Native code: https://github.com/vusec/revanc

❖ Twitter @vu5ec

95

Results: reliability

96

[Figure: success rate, false positive rate and false negative rate (0 to 1) for Chrome 3 Levels, Firefox 3 Levels and Firefox 4 Levels]

Results: noise

❖ Repeat measurements vs confidence margin

97
