Early Popular Disclosure
Spectre Attacks: Exploiting Speculative Execution (Graz);
Meltdown (Evanston) Intel specific
Project Zero from Google
Two Academic Papers:
Intel Analysis of Speculative Execution Side Channels
I find Intel’s exploit descriptions easiest to understand.
Peter Bright’s descriptions are first class.
Paul Kocher’s talk too
My Meltdown notes;
Another nexus (Good FAQ)
Google: Retpoline: a software construct for preventing branch-target-injection
My Narrow Spectre Fix
(Things I had to look up to understand the exploits)
BPF JIT ⬅︎
Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory ⬅︎ Flush+Reload
Notes from the Intelpocalypse
Regarding “prefetcher” I quote from Intel® 64 and IA-32 Architectures Optimization Reference Manual:
- Data cache unit (DCU) prefetcher. This prefetcher, also known as the streaming prefetcher, is triggered by an ascending access to very recently loaded data. The processor assumes that this access is part of a streaming algorithm and automatically fetches the next line.
- Instruction pointer (IP)-based stride prefetcher. This prefetcher keeps track of individual load instructions. If a load instruction is detected to have a regular stride, then a prefetch is sent to the next address which is the sum of the current address and the stride. This prefetcher can prefetch forward or backward and can detect strides of up to 2K bytes.
Do we still know how to write code?
Obituary for Moore’s Law
Late January Intel Announcement