DDM: A Demand-based Dynamic Mitigation for SMT Transient Channels
Yue Zhang, Ziyuan Zhu, Dan Meng

TL;DR
This paper introduces DDM, a demand-based dynamic mitigation technique that disables hyper-threading on the fly based on security requirements, preventing SMT transient channel attacks with minimal performance impact.
Contribution
The paper proposes a novel security demand-based dynamic mitigation (DDM) method that dynamically manages hyper-threading to defend against SMT transient channel attacks.
Findings
DDM effectively prevents SMT transient channel attacks like PortSmash.
The performance overhead of DDM is less than 8%.
The approach involves modifying the Linux kernel and using Intel MSR registers.
Abstract
Different from the traditional software vulnerability, the microarchitecture side channel has three characteristics: extensive influence, potent threat, and tough defense. The main reason for the microarchitecture side channel is resource sharing. There are many reasons for resource sharing, one of which is SMT (Simultaneous Multi-Threading) technology. In this paper, we define the SMT Transient Channel, which uses the transient state of shared resources between threads to steal information. To mitigate it, we designed a security demand-based dynamic mitigation (DDM) to mitigate the SMT transient channels. The DDM writes the processes' security requirements to the CPU register sets, and the operating system calls the HLT instruction to dynamically turn on and off the hyper-threading according to the register values to avoid the side channels caused by execution resource sharing. During…
Taxonomy
Topics: Security and Verification in Computing · Advanced Malware Detection Techniques · Cloud Data Security Solutions
