diff options
| author | Louis Burda <quent.burda@gmail.com> | 2023-02-09 08:49:40 -0600 |
|---|---|---|
| committer | Louis Burda <quent.burda@gmail.com> | 2023-02-09 08:49:40 -0600 |
| commit | 22a76f7170b86bf76a3d09b34d12d56e8810797c (patch) | |
| tree | 941fb7c8dc3ffd68da9f51c47e6b5a8f91b696b4 /README | |
| parent | 22297cd9d96fa608ff6d166fa215ff503908e539 (diff) | |
| download | cachepc-master.tar.gz cachepc-master.zip | |
Diffstat (limited to 'README')
| -rw-r--r-- | README | 14 |
1 files changed, 9 insertions, 5 deletions
@@ -2,10 +2,10 @@ CachePC ======= This repository contains proof-of-concept code for a cache side-channel -attack on AMD SEV-SNP dubbed PRIME+COUNT. It extends the traditional PRIME+PROBE -by using performance counters for accurate cache line eviction detection. -We demonstrate that it can be used observe what addresses are accessed by a -guest and use that information to infer what cryptographic secrets are used. +attack on AMD SEV-SNP dubbed Prime+Count. It extends the traditional Prime+Probe +implementation of CacheSC through the use of performance counters for +accurately detecting cache line evictions and provides and attack framework +for single- and page-stepping SEV-SNP guests. tests @@ -45,6 +45,10 @@ test/kvm-targetstep: test/qemu-pagestep: Replicate result from kvm-pagestep on a qemu-based vm running debian. + +incomplete +---------- + test/qemu-targetstep: Replicate result from kvm-targetstep on a qemu-based vm running debian using a specially crafted guest program to signal when measurement @@ -72,7 +76,7 @@ CPC_TRACK_FAULT_NO_RUN: CPC_TRACK_EXIT_EVICTION: Set apic timer such that for any reasonably short KVM_RUN no local apic - interrupts will occur to cause exits. Good for collecting PRIME+COUNT + interrupts will occur to cause exits. Good for collecting Prime+Count measurements over a clean run to a guest-invoked exit such as KVM_EXIT_HLT. CPC_TRACK_PAGES: |