The tech industry has been all a buzz over the last 48 hours with talk about a fundamental flaw in Intel’s CPUs that makes it easy for malware to steal sensitive data (like passwords, cryptographic keys and banking information) directly from memory, memory that would normally be off limits. We now have the first concrete details about the issue, and as it turns out, there are actually two vulnerabilities, dubbed by security researchers ‘Meltdown’ and ‘Spectre’ and they affect other platforms besides Intel’s. Here’s what you need to know about them.
Spectre and Meltdown explained
Last June, Google’s Project Zero security team discovered some security flaws caused by the way that modern CPUs use out-of-order and speculative execution for better performance. (In addition to Google, other security researchers have independently discovered the same problems.)
Here’s a little background on how out-of-order and speculative execution works in CPUs. In a nutshell, to make sure that the CPU is always doing something, its instructions are pushed into a pipeline one behind the other. They progress down the pipeline going through the various stages needed to decode and finally execute them. Some instructions take longer to execute than others. This means that the pipeline is often re-ordered to get the best performance. This is particularly true when the CPU is told to jump (branch) to another location. Most branches are attached to conditions, so if a program loops around ten times, then for ten iterations it will jump back to the same spot, but on the eleventh it won’t. To make sure the pipeline is full, the CPU will put the most likely instructions back into the pipeline by attempting to predict beforehand if the CPU will branch or not. If it gets it wrong, then the pipeline will be full of half-executed instructions, which will be then discarded.
A fundamental flaw in CPU design makes it easy for malware to steal sensitive data like passwords and cryptographic keys
What Google’s Project Zero found out is that these half-baked instructions have altered the CPU’s internal caches while they were flowing down the pipeline. If you then add some very clever timing algorithms, it becomes possible to calculate what was in the cache, even though the CPU never actually officially executed the instructions.
The reason why this allows access to restricted memory is that the check for access violations is done when the instruction is finally executed (retired), not while it is progressing down the pipeline. This means that malware can now access any part of the memory. It can’t do it fast, as all these timing shenanigans are delicate, but it is fast enough to steal data.
In total there are three known variants of this basic problem:
As soon as Google found these new attack methods, it notified Intel, AMD and Arm. That was six months ago. They all agreed on a coordinated disclosure date of January 9, 2018, however, when patches started appearing in the Linux kernel along with growing speculation in the press and security research community, the details were disclosed a week early.
What is Google doing about it?
Google has worked to protect all its products and services against Spectre and Meltdown. You can find full details here, but here is a summary:
- Android – Devices with the latest security update are protected. At the moment there are no successful reproductions of this vulnerability that would allow password stealing on ARM-based Android devices. The way Android is handling this at the moment is to reduce access to the high precision timers needed to calculate if the cache was altered during the speculative execution. Future Android security updates will also include additional mitigations based on the Linux Kernel Page Table Isolation (KPTI) work (more about that in a moment).
- Chromebooks and Chrome OS – Intel Chrome OS devices on kernels 3.18 and 4.4 are patched with Kernel Page Table Isolation (KPTI) in Chrome OS 63 and above. Older kernels will be patched with KPTI in a future release. Known attacks do not affect existing ARM Chrome OS devices, but these devices will also be patched with KPTI in a future release.
As you can see, Intel’s CPUs seem to be more susceptible to Spectre and Meltdown. I contacted Arm about these security issues and here is the response I was given:
“Arm has been working together with Intel and AMD to address a side-channel analysis method which exploits speculative execution techniques used in certain high-end processors, including some of our Cortex-A processors. This is not an architectural flaw; this method only works if a certain type of malicious code is already running on a device and could at worst result in small pieces of data being accessed from privileged memory. Arm takes all security threats seriously and we encourage individual users to ensure their software is up-to-date and always follow good security practices. Please note that our Cortex-M processors, which are pervasive in low-power, connected IoT devices, are not impacted.”
Arm has also released a full security advisory called Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism. Basically it says that the Cortex-A57, the Cortex-A72 and the Cortex-A73 are vulnerable to Spectre, and only the Cortex-A75 is vulnerable to Meltdown. The important thing here is that the Cortex-A53 and Cortex-A55 cores are NOT affected. This is because those two processors cores don’t do out-of-order execution. A large portion of the current mid-range Android handsets use the Cortex-A53 in an octa-core arrangement, including devices with the Qualcomm Snapdragon 630, Snapdragon 626, Snapdragon 625, and all Snapdragon 4xx processors.
Arm has also released Linux patches for all its processors.
Intel’s response to the disclosure has been less professional than Arm’s. Rather than publishing a security advisory and providing software patches, all Intel did was publish a press release. In the press release, Intel just moaned about how it wasn’t its fault and that everyone is in the same boat. The press release didn’t go down well with Linus Torvalds, the inventor of Linux. He wrote, “I think somebody inside of Intel needs to really take a long hard look at their CPU’s, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed.”
How the bugs can be mitigated
The bug can be mitigated, at a performance cost ranging from 5% to 30%
One of the ways that Meltdown can be mitigated is by isolating the kernel table from user space memory. Until now, the kernel page tables were kept in memory, even when running a user space program. This memory is actually protected by the normal memory access features of modern CPUs, however the cache timing vulnerabilities mean that malicious programs can bypass the normal protections and steal data from the kernel memory space.
Kernel Page Table Isolation (KPTI) fixes this by separating the user-space and the kernel-space page tables. However, this decreases performance. There are a variety of different performance measurements being touted at the moment. These range from 5% to 30%.
It looks like KPTI will become the norm for Linux, Android, and Chrome OS in the short term. One thing that Arm started very clearly is that “All future Arm Cortex processors will be resilient to this style of attack or allow mitigation through kernel patches.”
In other words, there isn’t much that can be done in hardware now, but future processors will be designed so that this kind of attack isn’t possible. As Linus put it, CPU designers need to ensure that “speculation doesn’t happen across protection domains.”