PMU-Data: Data Traces Could be Distinguished

TL;DR

This paper reveals that the Performance Monitoring Unit (PMU) in modern processors can be exploited as a side-channel to leak instruction operands and sensitive data, leading to new attack vectors including data exfiltration and covert channels.

Contribution

It introduces PMU-Data, a novel side-channel attack leveraging PMU events to extract instruction operands and sensitive information, demonstrating practical vulnerabilities across multiple processors.

Findings

Identified two types of vulnerable gadgets caused by DIV and MOV instructions.

Discovered 40 PMU events exploitable for the PMU-Data attack.

Successfully demonstrated data leakage, covert channels, and extraction from TEE using PMU-Data.

Abstract

Modern processors widely equip the Performance Monitoring Unit (PMU) to collect various architecture and microarchitecture events. Software developers often utilize the PMU to enhance program's performance, but the potential side effects that arise from its activation are often disregarded. In this paper, we find that the PMU can be employed to retrieve instruction operands. Based on this discovery, we introduce PMU-Data, a novel category of side-channel attacks aimed at leaking secret by identifying instruction operands with PMU. To achieve the PMU-Data attack, we develop five gadgets to encode the confidential data into distinct data-related traces while maintaining the control-flow unchanged. We then measure all documented PMU events on three physical machines with different processors while those gadgets are performing. We successfully identify two types of vulnerable gadgets caused by DIV and MOV instructions. Additionally, we discover 40 vulnerable PMU events that can be used to carry out the PMU-Data attack. We through real experiments to demonstrate the perniciousness of the PMU-Data attack by implementing three attack goals: (1) leaking the kernel data illegally combined with the transient execution vulnerabilities including Meltdown, Spectre, and Zombieload; (2) building a covert-channel to secretly transfer data; (3) extracting the secret data protected by the Trusted Execution Environment (TEE) combined with the Zombieload vulnerability.