author Louis Burda <quent.burda@gmail.com> 2023-01-19 01:48:16 +0100
committer Louis Burda <quent.burda@gmail.com> 2023-01-19 01:50:26 +0100
commit 3f43dd1778c7ac8c09c3dc5612ac902c3a7ad84d (patch)
tree 54367534d322feaf294bbd51d785ce066c8c27c9 /README
parent f2ea010b8180b4160d85c92e312971d0cd8a34d4 (diff)
Many fixes, more precise single-stepping and more robust self-tests
Diffstat (limited to 'README')
-rw-r--r-- README 29
1 files changed, 22 insertions, 7 deletions
diff --git a/README b/README
index b71cc19..46c8aab 100644
--- a/README
+++ b/README
@@ -6,6 +6,10 @@ attack dubbed PRIME+COUNT that we demonstrate can be used to circumvent
AMD's latest secure virtualization solution SEV-SNP to access sensitive
guest information.
+
+tests
+-----
+
Several test-cases were used to verify parts of the exploit chain separately:
test/eviction:
@@ -43,9 +47,14 @@ test/qemu-poc:
Demonstrate that AES encryption keys can be leaked from an
unmodified qemu-based linux guest.
-Testing was done on a bare-metal AMD EPYC 72F3 (Family 0x19, Model 0x01)
-cpu and Supermicro H12SSL-i V1.01 motherboard. The following BIOS settings
-differ from the defaults:
+
+setup
+-----
+
+Testing was done on a Supermicro H12SSL-i V1.01 motherboard and AMD EPYC 72F3
+(Family 0x19, Model 0x01) cpu.
+
+The following BIOS settings differ from the defaults:
Advanced > CPU Configuration > Local APIC Mode = xAPIC
Advanced > CPU Configuration > L1 Stream HW Prefetcher = Disabled
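Review bot: the rewritten hardware sentence (the added lines beginning "Testing was done on a Supermicro H12SSL-i V1.01 motherboard") drops the "bare-metal" qualifier that the removed text carried. For a cache side-channel setup this is a reproduction detail, since a reader cannot tell from the new wording whether the host was allowed to run under another hypervisor. Suggest keeping it, for example "Testing was done bare-metal on a Supermicro H12SSL-i V1.01 motherboard and AMD EPYC 72F3 (Family 0x19, Model 0x01) CPU." Minor style point in the same sentence: "cpu" should be "CPU", matching the capitalised "BIOS" two lines below.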
@@ -57,11 +66,17 @@ Advanced > CPU Configuration > SEV ASID Space Limit = 110
Advanced > CPU Configuration > SNP Memory (RMP Table) Coverage = Enabled
Advanced > North Bridge Configuration > SEV-SNP Support = Enabled
Advanced > North Bridge Configuration > Memory Configuration > TSME = Disabled
-Advanced > PCI Devices Common Settings > Memory Configuration > TSME = Disabled
+
+The following kernel parameters were used:
+
+kvm_amd.sev=1 kvm_amd.sev_es=1 nokaslr debug systemd.log_level=info
+ isolcpus=2,10,3,11 nohz_full=2,10,3,11 rcu_nocbs=2,10,3,11 nmi_watchdog=0
+ transparent_hugepage=never apic lapic panic=-1
To successfully build and load the kvm.ko and kvm-amd.ko modules, ensure
that a host kernel debian package was built using `make host`.
-Note: because of bad decisions made in regards to version control,
-the checked out commit of the modified kernel (previously the
-kernel patch file) might be incorrect for older revisions.
+Because of bad decisions made in regards to version control, the checked
+out commit of the modified kernel (previously the kernel patch file) might
+be incorrect for older revisions.
+
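Review bot: the new kernel parameter block lists everything on one footing, so a reader cannot tell which parameters the measurements depend on and which are debugging conveniences. `isolcpus=2,10,3,11 nohz_full=2,10,3,11 rcu_nocbs=2,10,3,11` hard-codes core numbers for the test machine without saying how they were chosen or which of them the tests pin to, and `nokaslr`, `debug` and `systemd.log_level=info` sit next to `kvm_amd.sev=1 kvm_amd.sev_es=1` with no indication of whether they are required. Suggest one line per group stating its purpose, and a sentence on how to pick the isolated cores on a different topology. The second and third parameter lines also carry a leading space that will end up in the README; either indent all three lines the same way or none. Separately, this hunk removes the "Advanced > PCI Devices Common Settings > Memory Configuration > TSME = Disabled" entry, which the commit message does not mention; if it was a mistaken duplicate of the North Bridge entry above it, say so in the message. The reworded paragraph at the end still reads "in regards to", which should be "with regard to".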