Making a Hash Of AMD’s L1D cache way predictor

Source: The Register Making a Hash Of AMD’s L1D cache way predictor

The Theme For The Recent Past: Trimming A Bit Of Time At The Cost Of Security

Yet another architectural vulnerability has been discovered, shortly on the heels of the Intel, which effects many recent AMD processors.  Scott posted details on AMD’s initial reply on the Take A Way vulnerability, which at this current moment there is no patch forthcoming.   If you are curious exactly what this vulnerability is, now that the hype has died down somewhat you can take a look at The Register’s overview of it and the processors involved here.

In a nutshell it is part of AMD’s cache prediction technique which relies on a hash function to store the location of the cache the processor will access first when carrying out an instruction.  Researchers reverse engineered how the hash is created, which allows them to read which location the processor will hit and use that knowledge to create a cache collision.  That in turn can allow a variety of nasty things to happen, or at the very least slow down the efficiency of your L1 cache.  The research suggests this attack can be carried out remotely, but compared to some of the other architectural flaws discovered over the past couple of years it is unlikely to be used as an attack vector.  We will keep an eye on AMD to see what, if any, mitigation arrives.

The two attacks are called Collide+Probe and Load+Reload, in reference to the operations involved. The former exploits cache tag collisions while the latter exploits the way predictor's behavior for virtual addresses are mapped to the same physical address.

Video News

About The Author

Jeremy Hellstrom

Call it,, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!