cachepc

Prime+Probe cache-based side-channel attack on AMD SEV-SNP protected virtual machines
git clone https://git.sinitax.com/sinitax/cachepc

commit 7cd66755ff29a9f56601d5612a902b45d14798d5
parent af8e9be96ac096e97d3d34af3e5178fe3adf4dca
Author: Louis Burda <quent.burda@gmail.com>
Date:   Wed,  1 Feb 2023 11:40:51 -0600

Update README

Diffstat:
M README | 44 +++++++++++++++++++++++++++++---------------
1 file changed, 29 insertions(+), 15 deletions(-)

diff --git a/README b/README @@ -2,9 +2,10 @@ CachePC ======= This repository contains proof-of-concept code for a cache side-channel -attack dubbed PRIME+COUNT that we demonstrate can be used to circumvent -AMD's latest secure virtualization solution SEV-SNP to access sensitive -guest information. +attack on AMD SEV-SNP dubbed PRIME+COUNT. It extends the traditional PRIME+PROBE +by using performance counters for accurate cache line eviction detection. +We demonstrate that it can be used observe what addresses are accessed by a +guest and use that information to infer what cryptographic secrets are used. tests @@ -87,6 +88,22 @@ Testing was done on a Supermicro H12SSL-i V1.01 motherboard and AMD EPYC 72F3 (Family 0x19, Model 0x01) cpu. The motherboard bios version is 2.4 and was released 2022-04-14. + +The host kernel and qemu were built using the AMDESE/AMDSEV repo on branch +sev-snp-devel at commmit a480a51. Install the host kernel by running: + +# ./bulid.sh --package +# cd snp-release-`date "+%Y-%m-%d"` +# ./install.sh + + +For the build to complete the following packages needed to be installed +following a clean install of debian linux-5.10.0-21: + +git build-essential flex dpkg bc rsync libelf-dev libssl-dev bison ninja-build + pkg-config libglib2.0-dev libpixman-1-dev python3 coda nasm uuid-dev iasl + + The following non-default BIOS settings were used: Advanced > CPU Configuration > Local APIC Mode = xAPIC @@ -104,12 +121,6 @@ Advanced > CPU Configuration > SVM Mode = Enabled Advanced > North Bridge Configuration > SEV-SNP Support = Enabled Advanced > North Bridge Configuration > Memory Configuration > TSME = Disabled -The host kernel is built using the AMDESE/AMDSEV repo on branch sev-snp-devel -at commmit a480a51. Build and install the host kernel and qemu by running: - -# ./bulid.sh --package -# cd snp-release-`date "+%Y-%m-%d"` -# ./install.sh The following host kernel parameters were used: 
@@ -117,18 +128,21 @@ kvm_amd.sev=1 kvm_amd.sev_es=1 nokaslr nosplash debug systemd.log_level=debug isolcpus=2,10,3,11 nohz_full=2,10,3,11 rcu_nocbs=2,10,3,11 nmi_watchdog=0 transparent_hugepage=never apic lapic panic=-1 preempt=none + +To successfully build and load the kvm.ko and kvm-amd.ko modules after building +cachepc, ensure that the full kernel was built atleast once beforehand by running: + +$ cp $(AMDSEV_REPO)/linux/host/.config linux/.config +$ make linux + + In case SEV-SNP initialization fails due to a low firmware version, the firmware can be updated to v1.51 by running: -# mv extra/amd_sev_fam19h_model0xh_1.51.03.sbin /lib/firmware/amd/amd_sev_fam19h_model0xh.sbin +# cp extra/amd_sev_fam19h_model0xh_1.51.03.sbin /lib/firmware/amd/amd_sev_fam19h_model0xh.sbin # rmmod ccp # sudo insmod /lib/modules/$(uname -r)/kernel/drivers/crypto/ccp/ccp.ko dyndbg="+p" -To successfully build and load the kvm.ko and kvm-amd.ko modules, ensure -that the full kernel was built atleast once by running: - -$ cp $(AMDSEV_REPO)/linux/host/.config linux/.config -$ make linux Note, the checked out commit of the modified kernel (previously the kernel patch file) may be incorrect for revisions older than 864f5fa9d539.
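Review bot: In the first hunk (@@ -2,9 +2,10 @@), the added sentence "We demonstrate that it can be used observe what addresses are accessed by a guest" is missing "to" after "used"; it should read "can be used to observe what addresses are accessed by a guest".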
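Review bot: In the hunk at @@ -87,6 +88,22 @@, the new lead-in "Install the host kernel by running:" no longer matches the commands under it, because the first command, "./bulid.sh --package", is a build step and the wording removed further down was "Build and install the host kernel and qemu by running:". Suggest restoring "Build and install", and fixing the two typos that were moved along unchanged, "commmit" and "./bulid.sh", so the script name matches the file in the AMDESE/AMDSEV checkout. The prerequisite sentence "following a clean install of debian linux-5.10.0-21" names a kernel package version rather than a distribution release; stating the Debian release as well would make the package list easier to reproduce.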
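Review bot: In the last hunk (@@ -117,18 +128,21 @@), the moved command "$ cp $(AMDSEV_REPO)/linux/host/.config linux/.config" is shown at a shell prompt, where "$(AMDSEV_REPO)" is command substitution and would try to run a command named AMDSEV_REPO instead of expanding a variable. Write "$AMDSEV_REPO" or "${AMDSEV_REPO}", or say explicitly that it is a placeholder for the path of the AMDSEV checkout. In the same added paragraph "atleast" should be "at least", and "after building cachepc ... built atleast once beforehand" would read more clearly if it stated the order directly (build the full kernel first, then cachepc). In the unchanged context, "# sudo insmod ..." uses sudo at a root prompt, which is inconsistent with the "# rmmod ccp" line before it.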