From: Conrad Meyer
Reply-To: cem@freebsd.org
Date: Wed, 19 Oct 2016 13:01:18 -0700
Subject: Re: Attacking Branch Predictors to Bypass ASLR
To: Beach Geek
Cc: FreeBSD Hackers
List-Id: Technical Discussions relating to FreeBSD

On Wed, Oct 19, 2016 at 12:00 PM, Beach Geek wrote:
> This came across my tech news feed. It's a bit early and more testing is
> being done, but I wanted to start a discussion about it.
>
> Does this affect FreeBSD?
> If so, severity?
> Can this be countered/fixed in the OS?
>
> Link to 13 page paper:
> http://www.cs.ucr.edu/~nael/pubs/micro16.pdf

Hi,

FreeBSD doesn't have an ASLR implementation to bypass. So the straightforward answer is no. It does not affect FreeBSD's existing code.

There is an open question of whether it affects or obviates Konstantin's userspace ASLR patch, which is waiting to be merged.

The paper suggests a really lame and difficult software mitigation on page 10. On page 11 it suggests a possible HW mitigation, but that does not yet exist in any CPU, of course.

The userspace ASLR attack is somewhat limited. Key quotes:

> Our prototype code tests 100 addresses in a second.

2^18 / 100 ~= 2^7 or ~2^11 seconds is about 35 minutes.

> Please note that current BTB addressing scheme (as used in Haswell processor used for our experiments) allows us to recover only a limited number of ASLR bits. The number of bits that are randomized is implementation specific. However, according to [47], the full ASLR in Linux randomizes 12th to 40th bits of the virtual address. Since 30th and higher bits are not used in BTB addressing, only 18 bits can be recovered using the BTB attack on Haswell.

So it seems ASLR may still be somewhat useful on amd64, especially if bits above 30 are randomized (Haswell anyway). But it may be completely useless on i386.

Best,
Conrad
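The reasoning in the reply above (18 recoverable bits out of a 12..40 randomization range, because the Haswell BTB does not index on bit 30 and above) can be written as a small entropy model. This is an added illustration, not code from the mailing-list thread or from the paper. It takes the bit ranges and the 100-probes-per-second rate from the quoted text; the i386 range used in the example (bits 12..27) is an assumption chosen only to illustrate the "completely useless on i386" remark, not a measured or documented value.

```python
# Added illustration (not from the thread): which ASLR bits survive a BTB-based
# leak that only covers address bits below 30, per the quoted paper.

# Highest address bit the Haswell BTB indexes on, per the quoted paper
# ("30th and higher bits are not used in BTB addressing").
HASWELL_BTB_TOP_BIT = 29


def aslr_entropy_bits(lo_bit: int, hi_bit: int) -> int:
    """Randomized bits when address bits lo_bit..hi_bit (inclusive) are randomized."""
    return hi_bit - lo_bit + 1


def btb_recoverable_bits(lo_bit: int, hi_bit: int, btb_top_bit: int = HASWELL_BTB_TOP_BIT) -> int:
    """Randomized bits that fall inside the range the BTB indexes on.

    Only bits the predictor actually uses can be learned through it, so the
    count is clipped at btb_top_bit; ranges entirely above it yield 0.
    """
    top = min(hi_bit, btb_top_bit)
    return max(0, top - lo_bit + 1)


def surviving_bits(lo_bit: int, hi_bit: int, btb_top_bit: int = HASWELL_BTB_TOP_BIT) -> int:
    """Randomized bits the BTB leak cannot recover (entropy left for the defender)."""
    return aslr_entropy_bits(lo_bit, hi_bit) - btb_recoverable_bits(lo_bit, hi_bit, btb_top_bit)


def probe_seconds(bits: int, probes_per_second: float = 100.0) -> float:
    """Worst-case time to walk 2**bits candidates at the quoted 100 probes/second."""
    return (2 ** bits) / probes_per_second


def summarize(lo_bit: int, hi_bit: int, btb_top_bit: int = HASWELL_BTB_TOP_BIT) -> dict:
    """Collect the model's numbers for one ASLR layout."""
    recoverable = btb_recoverable_bits(lo_bit, hi_bit, btb_top_bit)
    return {
        "entropy_bits": aslr_entropy_bits(lo_bit, hi_bit),
        "btb_recoverable_bits": recoverable,
        "surviving_bits": surviving_bits(lo_bit, hi_bit, btb_top_bit),
        "probe_seconds_for_recoverable": probe_seconds(recoverable),
    }


if __name__ == "__main__":
    # amd64: the paper's [47] figure, Linux randomizes bits 12..40.
    print("amd64 (bits 12..40):", summarize(12, 40))
    # i386: assumed range bits 12..27 for illustration only (not from the page).
    print("i386 (assumed bits 12..27):", summarize(12, 27))
```

For the amd64 layout the model reproduces the paper's figure: 29 randomized bits, 18 of them recoverable through the BTB, 11 surviving above bit 29, and about 2621 seconds to walk the 18 recoverable bits at 100 probes per second. For the assumed i386 layout every randomized bit lies below bit 30, so nothing survives, which is the point of the "useless on i386" remark.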