Mitigating branch prediction and other timing based side channel attacks

摘要

To provide hardware protection against timing based side channel attacks, a processor's microarchitecture enables an OS to determine which applications have the privilege to read timestamp and performance counters. Using a white list of applications, and an authentication mechanism to authenticate applications, a legitimate Protection Required Application (PRA) may temporarily prevent other applications from reading timestamp and performance counters while it executes (or excutes sensitive operations).

主权项

1. A method comprising:
receiving, by first software running at a first privilege level on a processor, a first request, the first request by second software running at a second privilege level on the processor, to cause the processor to enter a secure mode, wherein the first privilege level is more privileged than the second privilege level; authenticating the second software in response to receiving the first request, wherein authenticating the second software includes verifying that the second software is on a list of trusted software; executing, by the first software in response to receiving the request, a first instruction to write to a control register, wherein the control register contains a plurality of control flags including a first control flag to restrict execution of a second instruction to software running at the first privilege level, wherein the second instruction is to read a time stamp counter; and disabling, in response to executing the first instruction, reading of the time stamp counter by software running at the second privilege level.