Micro-architectural attacks use information leaked through shared resources to break hardware-enforced isolation. These attacks have been used to steal private information ranging from cryptographic keys to privileged Operating System (OS) data in devices ranging from mobile phones to cloud servers. Most existing software countermeasures either have unacceptable overheads or considerable false positives. Further, they are designed for specific attacks and cannot readily adapt to new variants. In this paper, we propose a framework called LEASH, which works from the OS scheduler to stymie micro-architectural attacks with minimal overheads and negligible impact from false positives, and which is capable of handling a wide range of attacks. LEASH works by starving maliciously behaving threads at runtime, providing insufficient time and resources to carry out an attack. The CPU allocation for a falsely flagged thread found to be benign is boosted to minimize overheads. To demonstrate the framework, we modify Linux's Completely Fair Scheduler with LEASH and evaluate it with seven micro-architectural attacks ranging from Meltdown and Rowhammer to a TLB covert channel. The runtime overheads are evaluated with a range of real-world applications and found to be less than 1% on average.
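The starve-and-boost idea in the abstract can be seen in a toy model of a weighted fair scheduler. This is an added example, not code from the paper or from Linux: the `PENALTY` and `BOOST` factors, the per-epoch flags and the one-epoch boost rule are assumptions chosen for illustration.

```python
# Added illustration, not LEASH's code: a toy CFS-style weighted fair scheduler.
# PENALTY, BOOST, the per-epoch flags and the one-epoch boost rule are assumptions.
BASE_WEIGHT = 1024   # CFS load weight of a nice-0 task
PENALTY = 16         # assumed divisor applied to a flagged thread's weight
BOOST = 2            # assumed multiplier for a thread cleared after a flag


def simulate(flags, ticks_per_epoch=1000):
    """flags: {thread: [bool per epoch]}, True = monitor flags the thread.
    Returns {thread: [ticks of CPU received in each epoch]}."""
    epochs = len(next(iter(flags.values())))
    vruntime = {t: 0.0 for t in flags}
    owed = {t: 0 for t in flags}          # boost epochs owed after a flag clears
    history = {t: [] for t in flags}
    for e in range(epochs):
        weight = {}
        for t, f in flags.items():
            if f[e]:                       # flagged: starve
                weight[t] = BASE_WEIGHT // PENALTY
                owed[t] = 1
            elif owed[t]:                  # flag cleared: treat as false positive
                weight[t] = BASE_WEIGHT * BOOST
                owed[t] = 0
            else:
                weight[t] = BASE_WEIGHT
        got = {t: 0 for t in flags}
        for _ in range(ticks_per_epoch):
            # CFS rule: run the thread with the smallest virtual runtime.
            t = min(flags, key=lambda n: (vruntime[n], n))
            got[t] += 1
            # Lower weight makes virtual time advance faster, so fewer ticks.
            vruntime[t] += BASE_WEIGHT / weight[t]
        for t in flags:
            history[t].append(got[t])
    return history


# Constructed input: the attacker stays flagged, "noisy" is flagged once.
SAMPLE = {
    "attacker": [False, True, True, True],
    "noisy":    [False, True, False, False],
    "benign":   [False, False, False, False],
}

if __name__ == "__main__":
    for name, ticks in simulate(SAMPLE).items():
        print(f"{name:9s}", ticks)
```

In this model a thread that stays flagged keeps a small share of each epoch, while the thread flagged once receives more than its neighbours in the epoch after the flag clears.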