WaitWatcher and WaitGuard: Detecting Flush-Based Cache Side-Channels Through Spurious Wakeups
摘要
Flush+Reload and Flush+Flush attacks target CPU caches and allow malicious actors to leak confidential data across different CPU cores. Typically, detection mechanisms against such attacks leverage hardware performance counters to observe architectural and microarchitectural events. However, recent research has shown that state-of-the-art security monitors can effectively be bypassed by camouflaged Flush+Reload attacks. Thus, flush-based cache side-channel attacks are still a significant threat to system security. In this work, we present WaitGuard, a novel detection technique with a >99.9% detection rate based on the userspace monitor and wait instructions. Our framework automatically profiles internal CPU interactions of userspace monitor/waits with other unprivileged instructions. We use WaitWatcher to analyze \(7\) different server and desktop-class x86 CPUs from Intel and AMD. In our analysis, we uncover \(5\) spurious wakeup triggers and \(18\) user-mode instructions that completely bypass the wakeup mechanisms. Based on our analysis, we develop WaitGuard, a novel detection mechanism that repurposes the recently introduced userspace monitor and wait instructions to detect flush-based cache side-channel attacks on modern x86 hardware. We implement WaitGuard as a drop-in security monitor that reliably detects Flush+Reload and Flush+Flush attacks with a detection rate of >99.9%, even when introducing heavy system noise. Moreover, we find that WaitGuard also detects the previously invisible camouflaged Flush+Reload attacks. Finally, we demonstrate the real-world applicability of WaitGuard by showing its effectiveness in detecting Flush+Reload attacks on the OpenSSL AES T-table implementation.