This repository contains the artifacts for the IEEE S&P 2023 paper "A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs".
Currently, the experiments are tested on the T-Head C906, C908, C910 and SiFive U74 processor. The C906 and U74 are in the paper, the others were added afterwards:
| Processor | Board | Distro | Kernel |
|---|---|---|---|
| T-Head C906 | Sipeed Nezha / Sipeed Lichee RV | Debian 12 | 5.14.0-rc4-nezha (Nezha), 5.4.61 (Lichee RV) |
| T-Head C908 | CanMV Kendryte K230 | Debian 13 | 5.10.4 |
| T-Head C910 | BeagleV Ahead | Ubuntu 23.04 | 5.10.113-g52fbe8443ea1-dirty |
| SiFive U74 | StarFive VisionFive 2 | Ubuntu 22.04.1 LTS | 5.17.5-visionfive |
We provide a rlibsc.h header file that bundles a few useful instructions for all experiments.
To use the header, simply add #include "rlibsc.h" to your code, after copying the header to your path.
Each subfolder contains a README on how to run the specific experiment. We provide source code for the following experiments:
spectre: Spectre exploit on the C910 processor
access-retired: Discovers hidden files on a system by monitoring the ammount of retired instructions. This code is used during the Dropbox case study.zigzagger: Code for the zigzagger case study showing that it is possible to distinguish the branch direction of zigzagger protected code via the count of retired instructions.aes_example: Contains the code for all AES T-Table attacks performed.interrupt-timing,timer-drift: Shows that it is possible to monitor network interrupts via timing. Also shows that a more precise result is possible using CycleDrift.page-walk: Shows timing (and on the U74 instruction differences) that allow to distinguish the length of the page-table walk.mbedtls-key-leak: Contains the code for the Flush+Fault exploit on MbedTLS.
evict_reload_histrogram: Generates a histrogram for an Evict+Reload covert channelfence_flush_histogram: Generates a histrogram for an Flush+Reload attack on the I-Cache using thefence.iinstruction.fgprime_probe_histrogram: Optimized Prime+Probe for the C906 making use of the FIFO relacement strategy to achive highter transfer rates.iflush_reload_histogram: Generates a Flush+Reload histogram using theicache.ivainstruction on the C906 and C910.flush_reload_histogram: Generates a Flush+Reload histogram using thedcache.ivainstruction on the C906 and C910.flush_flush_histogram: Generates a Flush+Flush histogram using thedcache.ivainstruction on the C906 and C910.prime_probe_histogram: Histrogram for a Prime+Probe attack.tlb_evict_histogram: Code to genereate a histogram showing that it is possible to evict TLB entries.spectre-v1: Histogram that shows that code is spculatively fetched, enabling our Cache+Time attack.
timer-evaluation: Benchmark for the precision and increment behavior of the timers present on the tested processors.instr-cycles: Shows the timing of most base set instructions
square-multiply: Padded square and multiply implementation that is still vulnerable to an attacker that can see the number of retired instructions.m-mode-instr-count: Shows that therdinstretinstruction leaks the number of exeuted instructions in M-mode.flush-fault: PoC implementations for both variants of Fault+Fault.
If you use our results in your research, please cite our paper as:
@inproceedings{Gerlach2023SecurityRISC,
author = {Gerlach, Lukas and Weber, Daniel and Zhang, Ruiyi and Schwarz, Michael},
booktitle = {S\&P},
title = {{A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs}},
year = {2023}
}And our artifacts as:
@misc{Gerlach2023SecurityRISCartifacts,
author = {Gerlach, Lukas and Weber, Daniel and Zhang, Ruiyi and Schwarz, Michael},
url = {https://github.com/cispa/Security-RISC}
title = {{A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs Artifact Repository}},
year = {2023}
}