Reading privileged memory with a side-channel
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
2018-01-04 20:18
Exciting tales of reading from the beyond.
Logo site: https://meltdownattack.com/
Meltdown: https://meltdownattack.com/meltdown.pdf
Spectre: https://spectreattack.com/spectre.pdf
Retpoline: https://support.google.com/faqs/answer/7625886?hl=en
Chrome response (check out site isolation): https://sites.google.com/a/chromium.org/dev/Home/chromium-security/ssca
Mozilla: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
WebKit has some nice notes: https://webkit.org/blog/8048/what-spectre-and-meltdown-mean-for-webkit/
LWN summary: https://lwn.net/Articles/742702/
Summary of mitigations: https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html
Intel now has a whitepaper with details that’s also easy to read: https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Intel-Analysis-of-Speculative-Execution-Side-Channels.pdf
Intel paper on mitigations: https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
AMD Managing Speculative Execution: https://developer.amd.com/wp-content/resources/Managing-Speculation-on-AMD-Processors.pdf
Apple: https://support.apple.com/en-us/HT208394
RPi has a nice explanation: https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/
ARM whitepaper for good measure: https://developer.arm.com/support/security-update/download-the-whitepaper
This is another good read: https://www.linkedin.com/pulse/addressing-meltdown-spectre-future-silicon-jon-masters/