Lab 5: Exploiting Speculative Execution with Meltdown

Lab Overview

Discovered in 2017 and publicly disclosed in January 2018, the Meltdown attack exploits critical vulnerabilities that exist in many modern (and not-so-modern) processors, including those from Intel and ARM. The vulnerabilities allow a user-level program to read data stored inside kernel memory. Such access is not allowed by the hardware protection mechanism implemented in most CPUs, but a flaw in the design of these CPUs makes it possible to defeat that protection. Because the flaw exists in the hardware, it is very difficult to fundamentally fix the problem unless we change the CPUs in our computers. The Meltdown vulnerability represents a special genre of vulnerabilities in the design of CPUs. Along with the Spectre vulnerability, it provides an invaluable lesson for security education.

The learning objective of this lab is for you to gain first-hand experience with the Meltdown attack. The attack itself is quite sophisticated, so we break it down into several small steps, each of which is easy to understand and perform. Once you understand each step, it should not be difficult for you to put everything together to perform the actual attack.

Lab Description

Please find the lab description here

Notes

This attack only works against Intel CPUs currently, so if your host machine does not have an Intel chip, the attack will not work. If you need a machine, let me know and we can work something out.

Handin

Please write your lab report according to the description. Please also list the important code snippets, each followed by your explanation. You will not receive credit if you simply attach code without any explanation. Upload your answers as a PDF to Blackboard. You must turn this in by Tuesday 2/11 11:59 PM.

Suggested Reading

Acknowledgements

Most content taken from Wenliang Du.

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. A human-readable summary of (and not a substitute for) the license is the following: You are free to copy and redistribute the material in any medium or format. You must give appropriate credit. If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. You may not use the material for commercial purposes.