Confidential Computing 101
Side Channels

Recently, there has been significant security research on CPU side-channel attacks, which exploit the internal structures of the CPU to leak information. One prominent example is Spectre Variant 2, which leverages hardware branch prediction to create data leakage under specific conditions. AMD has responded by adding hardware capabilities that help software defend against such attacks, Spectre Variant 2 among them.

Spectre Variant 2 demonstrated that the indirect branch predictor (the branch target buffer, BTB) can be exploited when certain software conditions are met, assuming an attacker can influence the branch predictions of another entity. AMD's latest CPU designs add support for the SPEC_CTRL MSR and the PRED_CMD MSR, which give software more control over the BTB structure. In the SEV-SNP architecture, the SPEC_CTRL MSR is virtualized, so the guest sets its own speculation policy independently of the hypervisor. This lets the guest use modes such as IBRS (Indirect Branch Restricted Speculation) for added security.

In traditional virtualization, the hypervisor employs protective measures against guest-based attacks, such as retpoline or running with IBRS enabled. However, when the hypervisor is not trusted, the guest may also be concerned about hypervisor-based attacks, including malicious attempts to poison BTB entries. To address this, SEV-SNP VMs can enable additional protection, wherein the CPU hardware prevents the VM from speculatively using BTB entries installed by other entities. This feature automatically performs a BTB flush when necessary to prevent speculative use of such entries.

Simultaneous Multi-Threading (SMT) is another area of CPU hardware that has been targeted in side-channel research, because sibling threads share hardware resources. To counter potential observation channels, sensitive SEV-SNP VMs can choose to be restricted to running only on SMT-disabled systems.
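The two guest-selectable controls above can both be checked by the VM owner: the guest kernel's own Spectre Variant 2 choice is visible in sysfs (and, since SEV-SNP virtualizes SPEC_CTRL, it is the guest's choice rather than the hypervisor's), and whether the SMT restriction is actually in force is visible in the signed attestation report, where the launch policy records whether SMT was allowed and the platform information records whether the host has SMT enabled. The following is an added example, not code from this page or from AMD; the report field offsets and bit positions are taken from the AMD SEV-SNP ABI specification, the sysfs contents and reports fed to it are constructed sample data, and it assumes the report's signature has already been verified against the VCEK certificate chain.

```python
"""Checks for the two guest-selectable side-channel controls described above.

Added example: neither this code nor the sample data comes from the page or
from AMD. Sysfs contents and attestation reports below are constructed.
"""
import struct

# Field offsets and bit positions follow the AMD SEV-SNP ABI specification
# (ATTESTATION_REPORT structure; GUEST_POLICY and PLATFORM_INFO fields).
REPORT_SIZE = 0x4A0            # full attestation report, including signature
POLICY_OFFSET = 0x08           # 8-byte GUEST_POLICY fixed at launch
PLATFORM_INFO_OFFSET = 0x40    # 8-byte PLATFORM_INFO describing the host
POLICY_RESERVED_ONE = 1 << 17  # reserved, must be set in every valid policy
POLICY_SMT_ALLOWED = 1 << 16   # 1 = guest may be launched on an SMT-enabled host
PLATFORM_SMT_EN = 1 << 0       # 1 = SMT is enabled on the host


def parse_spectre_v2(status: str) -> dict:
    """Interpret the guest's /sys/devices/system/cpu/vulnerabilities/spectre_v2.

    Because SEV-SNP virtualizes SPEC_CTRL, what this file reports is the guest
    kernel's own choice (IBRS, retpolines, ...) and cannot be overridden by
    the hypervisor.
    """
    status = status.strip()
    if status.startswith("Not affected"):
        return {"state": "not_affected", "mechanism": None}
    if status.startswith("Vulnerable"):
        return {"state": "vulnerable", "mechanism": None}
    if status.startswith("Mitigation:"):
        # Newer kernels separate the fields with ';', older ones with ','.
        first = status.split(";")[0].split(",")[0]
        return {"state": "mitigated",
                "mechanism": first[len("Mitigation:"):].strip()}
    return {"state": "unknown", "mechanism": None}


def make_report(policy: int, platform_info: int) -> bytes:
    """Constructed test data: a zero-filled report with two fields populated."""
    buf = bytearray(REPORT_SIZE)
    struct.pack_into("<Q", buf, POLICY_OFFSET, policy)
    struct.pack_into("<Q", buf, PLATFORM_INFO_OFFSET, platform_info)
    return bytes(buf)


def smt_assessment(report: bytes) -> dict:
    """Decide whether the SMT restriction is actually in force for this guest.

    Assumes the report signature was already verified against the VCEK chain;
    an unverified report proves nothing about the host.
    """
    if len(report) != REPORT_SIZE:
        raise ValueError(f"unexpected report length {len(report)}")
    (policy,) = struct.unpack_from("<Q", report, POLICY_OFFSET)
    (platform_info,) = struct.unpack_from("<Q", report, PLATFORM_INFO_OFFSET)
    smt_allowed = bool(policy & POLICY_SMT_ALLOWED)
    smt_enabled = bool(platform_info & PLATFORM_SMT_EN)
    return {
        "smt_allowed_by_policy": smt_allowed,
        "smt_enabled_on_host": smt_enabled,
        # The restriction holds only when the policy forbids SMT: firmware then
        # refuses to launch the guest on a host that has SMT enabled.
        "smt_restriction_effective": not smt_allowed and not smt_enabled,
        # A policy forbidding SMT together with a host reporting SMT should
        # never occur; treat it as a broken or forged report.
        "inconsistent": not smt_allowed and smt_enabled,
    }


if __name__ == "__main__":
    # Constructed sysfs contents, in the newer and the older kernel format.
    print(parse_spectre_v2("Mitigation: Enhanced / Automatic IBRS; IBPB: conditional; "
                           "STIBP: disabled; RSB filling"))
    print(parse_spectre_v2("Mitigation: Retpolines, IBPB: conditional, IBRS_FW"))
    # Sensitive guest: SMT disallowed by policy, host reports SMT off.
    print(smt_assessment(make_report(POLICY_RESERVED_ONE, 0)))
    # Ordinary guest: SMT allowed by policy, host has SMT on.
    print(smt_assessment(make_report(POLICY_RESERVED_ONE | POLICY_SMT_ALLOWED,
                                     PLATFORM_SMT_EN)))
```

In a real guest the spectre_v2 string comes from reading the sysfs file and the report from the guest's attestation interface; the relying party should treat `inconsistent` as a failed attestation rather than a warning, since a genuine firmware would not have launched such a guest.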

While SEV-SNP provides options for protection from certain speculative side-channel attacks and SMT concerns, it cannot safeguard against all possible side-channel attacks. Attacks such as PRIME+PROBE, which infer secrets from the cache or TLB access patterns of vulnerable software algorithms, are not mitigated by SEV-SNP. It is the responsibility of VM owners to follow standard security practices and update their software to avoid such vulnerabilities.

Other side-channel attack categories, such as application fingerprinting attacks, are outside the scope of SEV-SNP. These attacks aim to determine which application is being run, but they do not directly compromise the confidentiality or integrity of guest VM data. Future versions of SEV may include additional protections against some of these attack vectors.

In summary, while SEV-SNP offers valuable protections against certain side-channel attacks, it is crucial for VM owners to stay vigilant, follow best security practices, and keep their software up to date to safeguard against potential vulnerabilities.

Last updated 11 months ago