Inspecting the Meltdown and Spectre CPU Vulnerabilities

A CPU predicts you will walk into a bar, you do not. Your credit card has been stolen. The drinks are 30% more expensive. (Oh, and the bartender was insider trading)

On Wednesday, January 3, 2018, Google's Project Zero released a blog post detailing two critical vulnerabilities in modern processors, nicknamed Meltdown and Spectre.

These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

The Meltdown vulnerability (CVE-2017-5754) primarily affects Intel microprocessors, specifically those with speculative execution. Google has reported that every Intel processor since 1995 with out-of-order execution is potentially vulnerable to Meltdown, excluding Itanium and pre-2013 Intel Atom CPUs.

The Spectre vulnerability (CVE-2017-5753 and CVE-2017-5715), on the other hand, affects almost every computer system, including desktops, laptops, and mobile devices. Specifically, Spectre has been shown to work on Intel, AMD, and ARM-based processors. While more difficult to utilize properly than Meltdown, Spectre may be much more challenging to defend against due to its generality.

Both vulnerabilities exploit performance features, caching and speculative execution, to leak data via a side-channel attack.

A side-channel attack is any attack based on information gained from the physical implementation of a computer system, rather than weaknesses in the implemented algorithm itself. For example, timing information, power consumption, electromagnetic leaks or even sound can provide an extra source of information, which can be exploited to break the system.

Conventional CPUs, like the Intel 486, were scalar processors, which means that they were only capable of executing one instruction per CPU cycle. Over time, CPU manufacturers needed to make their CPUs faster, but they soon hit clock speed limits, so they began to look for ways to parallelize instructions, thus creating superscalar processors. An out-of-order superscalar processor has the ability to shuffle the order of incoming instructions (subject to dependencies) in order to keep itself working at maximum efficiency.

In order to squeeze even more performance from these chips, CPU manufacturers also apply techniques like branch prediction and speculative execution.

Conditional branches in software, like if statements and loops, mean that the CPU cannot parallelize instructions when it encounters a branch that depends on a value which has yet to be computed. To avoid a stall, it must guess which instruction to fetch next.

A branch predictor helps the processor to make an intelligent guess about whether a branch will be taken or not. It does this by gathering statistics about how often particular branches have been taken in the past. Modern branch predictors are extremely sophisticated, and can generate very accurate predictions. However, by executing a crafted series of branches, an attacker can mis-train a branch predictor to make poor predictions.
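A minimal model of the statistics-gathering described above, as an added example that is not from the original article: one textbook 2-bit saturating counter per branch, which is an assumed simplification (real predictors are far more elaborate). It shows why a branch that has repeatedly gone one way is still predicted that way the first times it goes the other way.

```python
class TwoBitPredictor:
    """One 2-bit saturating counter per branch (simplified textbook model).

    States 0 and 1 predict "not taken"; states 2 and 3 predict "taken".
    """

    def __init__(self):
        self.counters = {}  # branch label -> counter state in 0..3

    def predict(self, branch):
        return self.counters.get(branch, 1) >= 2

    def update(self, branch, taken):
        state = self.counters.get(branch, 1)
        self.counters[branch] = min(state + 1, 3) if taken else max(state - 1, 0)


def run(predictor, branch, outcomes):
    """Feed real outcomes in order; return, per outcome, whether the guess was right."""
    hits = []
    for taken in outcomes:
        hits.append(predictor.predict(branch) == taken)
        predictor.update(branch, taken)
    return hits


def loop_accuracy():
    """Constructed input: a loop branch taken 9 times, then exiting, repeated 10 times."""
    outcomes = ([True] * 9 + [False]) * 10
    hits = run(TwoBitPredictor(), "loop", outcomes)
    return sum(hits) / len(hits)


def first_deviation():
    """Constructed input: a check that passes 5 times in a row, then fails 3 times."""
    predictor = TwoBitPredictor()
    run(predictor, "check", [True] * 5)
    return run(predictor, "check", [False, False, False])


if __name__ == "__main__":
    print("loop accuracy:", loop_accuracy())
    print("guess correct on each failing check:", first_deviation())
```

The two wrong guesses in `first_deviation` are the moments at which a speculating CPU would start down the path that the real condition forbids.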

The problem is that the better processors become at parallelizing future instructions, the harder it becomes to make full use of the CPU. Consequently, CPU engineers gave modern CPUs the ability to speculate. Speculative execution lets the CPU execute instructions which might turn out not to be required (because they may be branched over). This keeps the CPU busy, and if it turns out that the instruction isn't executed, it can just throw the result away.

Speculatively executing unnecessary instructions consumes extra energy, but it is a worthwhile trade-off to obtain extra single-threaded performance. The branch predictor is used to choose the most likely path through the program, maximizing the chance that the speculation will pay off.

"Knock Knock"
"Branch Prediction"
"Who's there?"

Meltdown and Spectre use a combination of these features, in addition to a timing attack, in order to trick the CPU into running code that is able to read, from the cache, data that does not belong to it.

Given that these bugs are due to physical CPU design, the only way to mitigate them is by software patches. Linux kernel, Apple and Microsoft developers have already issued patches for these exploits. Unfortunately, the implementation of these patches may lead to a reduction in CPU performance, depending on the workload.
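To confirm that a Linux host actually has these patches active, the kernel's own status can be read back. The following is an added example, not code from the original article; it assumes the `/sys/devices/system/cpu/vulnerabilities` sysfs directory that patched Linux kernels expose, and the verdict names are this example's own.

```python
from pathlib import Path

# Linux sysfs directory where patched kernels report per-vulnerability status
# (assumption of this example; the article does not mention it).
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# sysfs file name for each CVE named in the article
CVE_FILES = {
    "CVE-2017-5754": "meltdown",
    "CVE-2017-5753": "spectre_v1",
    "CVE-2017-5715": "spectre_v2",
}


def classify(status):
    """Map the kernel's status string to a coarse verdict (names are this example's own)."""
    text = status.strip()
    if text == "Not affected":
        return "not_affected"
    if text.startswith("Mitigation"):
        return "mitigated"
    if text.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def report(base=SYSFS_DIR):
    """Return {CVE: (verdict, raw kernel string)} for the three CVEs."""
    results = {}
    for cve, name in CVE_FILES.items():
        try:
            raw = (Path(base) / name).read_text().strip()
        except OSError:
            # Missing file: kernel predates the reporting interface, or not Linux.
            results[cve] = ("unknown", "no sysfs entry")
            continue
        results[cve] = (classify(raw), raw)
    return results


if __name__ == "__main__":
    for cve, (verdict, raw) in report().items():
        print(f"{cve:15} {verdict:13} {raw}")
```

A missing entry is reported as `unknown` rather than as safe, because an unpatched older kernel has no such file at all.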

Phoronix ran synthetic I/O benchmarks on databases such as PostgreSQL and Redis and measured a noticeable performance impact. Epic Games have noticed huge increases in CPU utilization after patches. A discussion thread in the AWS support forums details dips in performance that occur after rebooting Linux virtual machines with the Meltdown workaround installed.