How do The Meltdown and Spectre attacks work?

Meltdown and Spectre exploit an error in a behavior called speculative execution.When running speculatively, the CPU advises which code path to run before knowing what the correct code is to run. In response, I try to give a better overview of the attacks described in the two papers.

For example, you might have the following code:

  1. if some_check():
  2. <code>
  3. Else:
  4. <other code>

If the variables needed to calculate some_check () are not currently in the cache, the CPU starts running <code> or <other code>.

When the memory needed to calculate some_check () arrives, the CPU determines whether it has chosen the correct path.If so, it will continue, otherwise it will undo any changes made and execute the correct code.

Speculative execution greatly improves computational speed because processors often wait for memory and many checks are predictable.

The problem is that (2) does not happen completely as described.Most of the effects of the wrong code are undone, but memory loaded into the CPU cache during speculative execution is not unloaded. This means that the next access to memory is much faster than usual.

To exploit this error, use a “timing attack” on the CPU cache.Spectre and Meltdown are demonstrated in particular with Flush + Probe [1 ( and also with another attack that I won’t talk about in this answer). Approximate steps as follows:

Create a large array and arr, and make sure that arr memory is not in the CPU cache.

Run an if check (), which eventually returns false but cannot be detected immediately.

Read space that you don’t have access to and load it into a variable that we call secret.

Use secret to index in arr and store it in a local variable.This forces part of the Arr into the CPU cache. *

Outside of if check () iterate over arr and determine how long it takes to read each address.Part of the Arr is much faster to read than the rest. This corresponds to the address to which we wrote in step (4). With this information, we can retrieve the value of the secret and complete the attack.

Note that steps (3) and (4) are speculative during the attack.

The same basic structure applies to both Meltdown and Spectre, but Meltdown uses it to read a kernel address, while Specter uses it to read a user area address.

The described variant of Spectre requires that the victim address read in secret is already in the CPU cache.If it is not in the cache, the memory needed for verification in step (2) is likely to arrive before secret can be read and used for indexing in arr. This variant was demonstrated in Javascript to read data from another tab in a browser.

In Meltdown, the attacks work because there is a race condition between throwing an exception of step (3) and executing the commands in step (4).It is not necessary for memory to already be in the CPU cache because the exception condition occurs after the command loads the memory into a register.

* Because the memory is actually loaded into the cache in pages, you must multiply your secret by the cache page size when addressing in arr.The Specter paper used page size 4096.

Footnote:

[1 https://eprint.iacr.org/2013/448…

Leave a Reply