CLKSCREW, Meltdown and Spectre Mitigation

May 21, 2018

This post presents a very short summary of CLKSCREW, Meltdown and Spectre mitigation strategies, links to each paper and a link to KAISER.

 

 

Shared Needs

 

CLKSCREW, Meltdown and Spectre _all_ rely on counting CPU clocks. CLKSCREW also relies on the ability for one core to modify frequency and voltage that impacts another core (which may be running a trusted OS).

 

 

Summary of Mitigations Presented in Each Papers

 

Meltdown

 

Apply the KAISER patch to the Linux kernel and patches that accomplish the same thing for Windows and MacOS. This patch removes kernel mappings in userspace process, stopping Meltdown.

 

Spectre

 

No good mitigation strategy is listed, apart from disabling speculative execution. 

 

CLKSCREW

 

Randomize the timing of sensitive code or better: compile code with checksum integrity and execution redundancy. 

 

 

Papers

 

Spectre

 

https://spectreattack.com/spectre.pdf 

 

Meltdown

 

https://meltdownattack.com/meltdown.pdf 

 

CLKSCREW

 

https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-tang.pdf 

 

 

Reference

 

Images from https://meltdownattack.com/ 

Please reload

Our Recent Posts

Columnize a List of Fields Using Excel 2016 on Windows 7

July 6, 2020

Turn On the Developer Tab in Excel 2016 on Windows 7

July 6, 2020

NASA's Aerospace Technology Resources

June 27, 2020

1/1
Please reload

Tags

Please reload

SEARCH THIS SITE

©2018 by Zach Pfeffer