A data memory-dependent prefetcher (DMP) is a cache prefetcher that looks at cache memory content for possible pointer values, and prefetches the data at those locations into cache if it sees memory access patterns that suggest following those pointers would be useful.[1][2]
As of 2022, data prefetching was already a common feature in CPUs,[3] but most prefetchers do not inspect the data within the cache for pointers, instead working by monitoring memory access patterns. Data memory-dependent prefetchers take this one step further.
The DMP in Apple's M1 computer architecture was demonstrated to be capable of being used as a memory side-channel in an attack published in early 2024. At that time its authors did not know of any practical way to exploit it.[4] The DMP was subsequently discovered to be even more opportunistic than previously thought, and has now been demonstrated to be able to be used to effectively attack a variety of cryptographic algorithms in work called GoFetch by its authors.[5][6]
Intel Core processors also have DMP functionality (Intel use the term "Data Dependent Prefetcher") but Intel states that they have features to prevent their DMPs being used for side-channel attacks.[7] The authors of GoFetch state that they were unable to make their exploit work on Intel processors.[6]
References
edit- ^ "Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest". www.prefetchers.info. 2022-05-02. Retrieved 2024-03-30.
- ^ Vicarte, Jose Rodrigo Sanchez; Flanders, Michael; Paccagnella, Riccardo; Garrett-Grossman, Grant; Morrison, Adam; Fletcher, Christopher W.; Kohlbrenner, David (May 2022). Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest. 2022 IEEE Symposium on Security and Privacy (SP). San Francisco, CA, USA: IEEE. pp. 1491–1505. doi:10.1109/SP46214.2022.9833570. ISBN 978-1-6654-1316-9.
- ^ Bakhshalipour, Mohammad; Shakerinava, Mehran; Golshan, Fatemeh; Ansari, Ali; Lotfi-Karman, Pejman; Sarbazi-Azad, Hamid (2020-09-01). "A Survey on Recent Hardware Data Prefetching Approaches with An Emphasis on Servers". arXiv:2009.00715 [cs.AR].
- ^ Goodin, Dan (2024-03-21). "Unpatchable vulnerability in Apple chip leaks secret encryption keys". Ars Technica. Retrieved 2024-03-21.
- ^ "Apple Silicon chip flaw can leak encryption keys, say researchers". AppleInsider. 2024-03-21. Retrieved 2024-03-22.
- ^ a b "GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers". gofetch.fail. Retrieved 2024-03-22.
- ^ "Data Dependent Prefetcher". Intel. Retrieved 2024-03-21.