This repository contains several experiments and proof-of-concepts for the AMD Prefetch Attacks through Power and Time paper. For more technical information, please refer to the paper:
- AMD Prefetch Attacks through Power and Time by Moritz Lipp, Daniel Gruss, Michael Schwarz
The individual proof-of-concept implementations are self-contained and come with a Makefile and an individual description that explains how to build, run and interpret the proof-of-concept.
In order to run the proof-of-concepts, the following prerequisites need to be fulfilled:
Throughout our experiments, we successfully evaluated our implementations on the following CPUs. However, most of the implementations should work on CPUs with the same microarchitecture.
- AMD Ryzen 5 2500 U
- AMD Ryzen Threadripper 1920X
- AMD Ryzen 5 3600
- AMD Ryzen 7 3700X
- AMD EPYC 7402P
- AMD EPYC 7571
The following tables give an overview of all artifacts provided in this repository. Each folder contains an additional description explaining how to build, run and interpret the artifact.
- Page Table Level
- Kernel Address Space Derandomization using Energy Consumption or the Execution Time of the prefetch instruction
- Leaking Kernel Memory with Spectre: Combination of TLB-Evict+Prefetch and a Spectre Gadget to leak kernel memory