©2018 by Zach Pfeffer

SEARCH THIS SITE

CLKSCREW, Meltdown and Spectre Mitigation

May 21, 2018

This post presents a very short summary of CLKSCREW, Meltdown and Spectre mitigation strategies, links to each paper and a link to KAISER.

 

 

Shared Needs

 

CLKSCREW, Meltdown and Spectre _all_ rely on counting CPU clocks. CLKSCREW also relies on the ability for one core to modify frequency and voltage that impacts another core (which may be running a trusted OS).

 

 

Summary of Mitigations Presented in Each Papers

 

Meltdown

 

Apply the KAISER patch to the Linux kernel and patches that accomplish the same thing for Windows and MacOS. This patch removes kernel mappings in userspace process, stopping Meltdown.

 

Spectre

 

No good mitigation strategy is listed, apart from disabling speculative execution. 

 

CLKSCREW

 

Randomize the timing of sensitive code or better: compile code with checksum integrity and execution redundancy. 

 

 

Papers

 

Spectre

 

https://spectreattack.com/spectre.pdf 

 

Meltdown

 

https://meltdownattack.com/meltdown.pdf 

 

CLKSCREW

 

https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-tang.pdf 

 

 

Reference

 

Images from https://meltdownattack.com/ 

Please reload

Our Recent Posts

A Fix for "You don't have permission to create items on this site: https://yoursite.sharepoint.com/sites/pwa"

September 25, 2019

Create a Tree-View of a Directory on Linux with 'tree'

August 17, 2019

Use draw.io in Google Drive (and Get Rid of draw.io )

June 30, 2019

1/1
Please reload

Tags

Please reload