Reverse Engineering the Apple M1 Conditional Branch Predictor for Out-of-Place Spectre Mistraining
Adam Tuby, Adam Morrison

TL;DR
This paper investigates the vulnerability of Apple M1 CPUs to out-of-place Spectre v1 attacks, revealing partial hardware mitigations and developing a new BPU-alias search method through reverse engineering.
Contribution
It provides the first analysis of the M1 CPU's susceptibility to out-of-place Spectre v1 mistraining and introduces a novel alias-search technique based on reverse-engineered BPU parameters.
Findings
Brute-force out-of-place mistraining fails on M1 CPUs.
Partial hardware mitigations against such attacks are present in M1.
A new BPU-alias search method was developed based on reverse engineering.
Abstract
Spectre v1 information disclosure attacks, which exploit CPU conditional branch misprediction, remain unsolved in deployed software. Certain Spectre v1 gadgets can be exploited only by out-of-place mistraining, in which the attacker controls a victim branch's prediction, possibly from another address space, by training a branch that aliases with the victim in the branch predictor unit (BPU) structure. However, constructing a BPU-alias for a victim branch is hard. Consequently, practical out-of-place mistraining attacks use brute-force searches to randomly achieve aliasing. To date, such attacks have been demonstrated only on Intel x86 CPUs. This paper explores the vulnerability of Apple M-Series CPUs to practical out-of-place Spectre v1 mistraining. We show that brute-force out-of-place mistraining fails on the M1. We analytically explain the failure is due to the search space size,…
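To make the abstract's argument concrete, the following is an added toy model (not the paper's code, and not the M1's real predictor) of out-of-place mistraining against a direct-mapped conditional branch predictor. The XOR-folded PC-only index function, the 12-bit table size and the 4-byte instruction alignment are assumptions chosen for illustration. It contrasts the two strategies the abstract mentions: a brute-force search that picks attacker branch addresses at random and detects aliasing only through a change in the victim's prediction, whose expected cost grows as 2^(index bits), against direct construction of an alias once the index function is known.

```python
"""Toy model of out-of-place conditional-branch mistraining.

Added illustration; this is not the paper's code. The index function, table
size and address range are assumptions, not Apple M1 parameters.
"""
import random

INDEX_BITS = 12      # assumed: predictor table has 2**12 entries
INSN_SHIFT = 2       # assumed: 4-byte fixed-width instructions, low 2 PC bits unused


def bpu_index(pc: int, index_bits: int = INDEX_BITS) -> int:
    """Hypothetical PC-only index: XOR-fold the instruction address into index_bits."""
    x = pc >> INSN_SHIFT
    mask = (1 << index_bits) - 1
    idx = 0
    while x:
        idx ^= x & mask
        x >>= index_bits
    return idx


class ToyPredictor:
    """Direct-mapped table of 2-bit saturating counters, untagged and shared by
    all code, so any two branches with equal index share one counter."""

    def __init__(self, index_bits: int = INDEX_BITS):
        self.index_bits = index_bits
        self.counters = [1] * (1 << index_bits)   # 1 = weakly not-taken

    def predict(self, pc: int) -> bool:
        return self.counters[bpu_index(pc, self.index_bits)] >= 2

    def update(self, pc: int, taken: bool) -> None:
        i = bpu_index(pc, self.index_bits)
        c = self.counters[i]
        self.counters[i] = min(c + 1, 3) if taken else max(c - 1, 0)


def mistrain(pred: ToyPredictor, attacker_pc: int, victim_pc: int, rounds: int = 3) -> bool:
    """Attacker executes its own branch as taken; return the victim's prediction afterwards.
    Only an attacker branch that aliases with the victim changes the victim's counter."""
    for _ in range(rounds):
        pred.update(attacker_pc, True)
    return pred.predict(victim_pc)


def brute_force_search(victim_pc: int, index_bits: int, rng: random.Random,
                       max_trials: int = 1_000_000):
    """Pick random attacker addresses until one flips the victim's prediction.
    Returns (trials, attacker_pc) or None; expected trials are about 2**index_bits."""
    pred = ToyPredictor(index_bits)
    for trial in range(1, max_trials + 1):
        candidate = rng.randrange(1 << 32) << INSN_SHIFT   # assumed attacker code range
        if candidate == victim_pc:
            continue
        if mistrain(pred, candidate, victim_pc):
            return trial, candidate
        pred.counters[bpu_index(candidate, index_bits)] = 1   # undo this trial's training
    return None


def construct_alias(victim_pc: int, index_bits: int = INDEX_BITS) -> int:
    """With the index function known, flip two PC bits that fold onto the same index
    bit; their XOR contributions cancel, so the alias shares the victim's entry."""
    return victim_pc ^ (1 << INSN_SHIFT) ^ (1 << (INSN_SHIFT + index_bits))


def expected_brute_force_trials(index_bits: int) -> int:
    """A uniformly random address lands in a given entry with probability 2**-index_bits."""
    return 2 ** index_bits


if __name__ == "__main__":
    victim = 0x10004000                       # constructed victim branch address
    alias = construct_alias(victim)
    print("constructed alias flips victim:", mistrain(ToyPredictor(), alias, victim))
    for bits in (8, 12):
        trials, _ = brute_force_search(victim, bits, random.Random(1))
        print(f"{bits} index bits: brute force needed {trials} trials, "
              f"expected about {expected_brute_force_trials(bits)}")
```

The search cost scales with the number of index bits and, in a real predictor, with every additional input to the index (history bits, tags, per-privilege or per-address-space partitioning), which is why knowing the indexing parameters turns an expensive random search into a direct construction.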
