Researchers find flaw in Apple Silicon chips, but it's not 'that bad'

Posted:
in macOS edited April 22

Researchers have discovered a microarchitectural flaw present in Apple Silicon chips that could lead to data leakage, though they said there is currently little cause for concern.

Apple MacBook Pro
Apple MacBook Pro



The so-called Augury flaw was discovered by a team of researchers led by Jose Rodrigo Sanchez Vicarte of the University of Illinois at Urbana Champaign and Michael Flanders of the University of Washington. Vicarte, Flanders, and other members of the team recently published details of the flaw in a new paper.

According to the researchers, the flaw exists in the Data-Memory Dependent Prefetcher (DMP) in Apple Silicon chips. DMPs, which decide what memory content to prefetch, are well-known in academic circles but have yet to be deployed in a commercial product.

We found a way to leak data on Apple Silicon processors that is "at rest": that is, data the core never reads speculatively or non-speculatively.
This will be an odd one, so stick around for the and see https://t.co/KCnw9PAlSS

-- David Kohlbrenner (@dkohlbre)



"Classical prefetchers look only at the stream of previous addresses accessed. DMPs also consider on the content of the previously prefetched memory," said David Kohlbrenner, another member of the team. "Inherently, the DMP's choice thus reveals something about the content of memory."

Apple's M1 and A14 family of chips use a prefetcher that targets an array-of-pointers access pattern. Thought the exact details are complicated, this essentially means that the chips can leak data that isn't read by any instruction.

Kohlbrenner noted, however, that this is "about the weakest DMP an attacker can get."

"It only prefetches when content is a valid virtual address, and has a number of odd limitations," he wrote on Twitter. "We show this can be used to leak pointers and break ASLR. We believe there are better attacks available."

The flaw isn't "that bad" currently, since it can only leak data pointers and "likely only in the sandbox threat model."

However, similar flaws centered around data at rest can be tricky to protect against. That's because leaked data is never read by the core, speculatively or non-speculatively.



Read on AppleInsider

Comments

  • Reply 1 of 11
    mac_dogmac_dog Posts: 1,072member
    Except the government and law enforcement can exploit it. Probably. Apple should consider fixing this for the long haul. 
    watto_cobra
  • Reply 2 of 11
    Don't panic, these CPU level exploits are extremely difficult to exploit and are basically never seen in the wild. Remember Meltdown and Spectre a few years back? Not a single documented exploit in the wild. It's worthwhile to look for and fix these issues, however, as Flava Flave says "Dont believe the hype!"
    scstrrfnetroxiqatedodoozydozenwatto_cobra
  • Reply 3 of 11
    lkrupplkrupp Posts: 10,557member
    Don't panic, these CPU level exploits are extremely difficult to exploit and are basically never seen in the wild. Remember Meltdown and Spectre a few years back? Not a single documented exploit in the wild. It's worthwhile to look for and fix these issues, however, as Flava Flave says "Dont believe the hype!”
    But this is Apple! When it’s Apple people starting running around with their hair on fire screaming “the end is near!"
    iqatedo
  • Reply 4 of 11
    crowleycrowley Posts: 10,453member
    lkrupp said:
    Don't panic, these CPU level exploits are extremely difficult to exploit and are basically never seen in the wild. Remember Meltdown and Spectre a few years back? Not a single documented exploit in the wild. It's worthwhile to look for and fix these issues, however, as Flava Flave says "Dont believe the hype!”
    But this is Apple! When it’s Apple people starting running around with their hair on fire screaming “the end is near!"
    So you keep saying, with zero evidence.  Your shrill and incessant proclamations that everyone is against Apple, constantly complaining and creating hysteria would be an excellent parody if you had any self awareness.

    Seriously dude, chill tf out.
    lkrupplolliverMplsPJustSomeGuy1muthuk_vanalingamTRAG
  • Reply 5 of 11
    sflocalsflocal Posts: 6,106member
    Just like software, no CPU is "perfect".  That doesn't mean I'm giving Intel a free-pass for all the huge CPU errata problems, it's just something to know and to work with.

    If this is as bad as it gets for Apple Silicon, then that's pretty darn good.
    lolliverwatto_cobra
  • Reply 6 of 11
    badmonkbadmonk Posts: 1,318member
    crowley said:
    lkrupp said:
    Don't panic, these CPU level exploits are extremely difficult to exploit and are basically never seen in the wild. Remember Meltdown and Spectre a few years back? Not a single documented exploit in the wild. It's worthwhile to look for and fix these issues, however, as Flava Flave says "Dont believe the hype!”
    But this is Apple! When it’s Apple people starting running around with their hair on fire screaming “the end is near!"
    So you keep saying, with zero evidence.  Your shrill and incessant proclamations that everyone is against Apple, constantly complaining and creating hysteria would be an excellent parody if you had any self awareness.

    Seriously dude, chill tf out.
    The Airpods stalking controversy (as other products provided no protection in this regard) is a perfect example.
    jony0watto_cobra
  • Reply 7 of 11
    dewmedewme Posts: 5,498member
    Interesting topic. I haven't read the entire paper yet, much less the numerous cross-references, but it sounds like this is only affecting the performance cores in the M1 and certain A-series SoCs. It also sounds like the potential for such a vulnerability in this optimization technique has been recognized in academic circles for a while, but the M1 and affected A-series SoCs are the first implementation of the algorithms they've seen in the wild. They go on to say that it's highly likely that anyone trying to eke out the kind of performance-per-watt that Apple is getting with its chips will implement similar optimizations, which means that mitigation steps will have to be taken.

    Keep in mind that these researchers apply a very stringent academic approach to what they consider data leakage. This is perfectly fine because a leak is a leak is a leak. What they don't assume in their declaration of a data leak is to differentiate the nature of the data that is being leaked. Not all data is secret data. Anything that can be done to keep secret data from being leaked by keeping it away from memory that is vulnerable to this issue serves to mitigate the problem. They discuss this exact strategy and how it has been successfully employed for mitigating Spectre vulnerabilities. As mentioned above, if the vulnerability exists in the sandbox, don't store your secrets in the sandbox.

    Chip designers have to go to great lengths to squeeze out every possible optimization from the micro architecture. A lot of these optimizations are based on recognizing certain statistically predictable patterns in memory access. Unfortunately, taking advantage of this predictability and observable patterns exposes something that attackers can take advantage of. Removing the optimizations to thwart the vulnerability is highly undesirable, so other approaches have to be taken. 

    I'm sure that Apple is pleased that this issue has been brought to their attention relatively early in the M series lifecycle rather than several years or decades down the road. 
    rundhvidwatto_cobra
  • Reply 8 of 11
    JustSomeGuy1JustSomeGuy1 Posts: 330member
    sflocal said:
    Just like software, no CPU is "perfect".  That doesn't mean I'm giving Intel a free-pass for all the huge CPU errata problems, it's just something to know and to work with.

    If this is as bad as it gets for Apple Silicon, then that's pretty darn good.
    It's almost certain not to be the last. Apple's engineers are tops, but the complexity of these cores is extremely high. There are *dozens* of speculative execution bugs known on AMD and Intel architectures. Nor are the server-grade ARMs immune.

    Anyway, this is at least medium-grade bad, if it can break ASLR. As someone else said, you're still stuck in a sandbox (most cases, at least), but sandbox escapes are not that uncommon. Just look at Apple's security update notes over the last year or two. Serious threat actors, both state-level APTs and lesser criminal groups, will commonly combine multiple vulnerabilities to achieve complete compromises. So it would not be hugely surprising to see this used as part of a compromise chain in the future.

    It is true that there has been no widespread compromise based on Spectre/Meltdown/etc. However, if you think APTs aren't working on this all the time, you really don't have a clue how this works. They are, and there may already be targeted attacks out there. Even if not... they'll come, when feasible. So work like this is important, to help everyone (especially silicon designers) understand the evolving threat models, and get mitigations underway when appropriate.
    dewmewatto_cobra
  • Reply 9 of 11
    humbug1873humbug1873 Posts: 142member
    'Stupid Flanders' - H. Simpson
    MplsPwatto_cobra
  • Reply 10 of 11
    swat671swat671 Posts: 151member
    DMPs, which decide what memory content to prefetch, are well-known in academic circles but have yet to be deployed in a commercial product.”

    I guess that means the M1 isn’t a commercial product? 
    watto_cobra
Sign In or Register to comment.