Flushgeist: Cache Leaks from Beyond the Flush
Abstract
Flushing the cache, using instructions like clflush and wbinvd, is commonly proposed as a countermeasure against access-based cache attacks. In this report, we show that several Intel caches, specifically the L1 caches in some pre-Skylake processors and the L2 caches in some post-Broadwell processors, leak information even after being flushed through clflush and wbinvd instructions. That is, security-critical assumptions about the behavior of clflush and wbinvd instructions are incorrect, and countermeasures that rely on them should be revised.
- Publication: arXiv e-prints
- Pub Date: May 2020
- DOI: 10.48550/arXiv.2005.13853
- arXiv: arXiv:2005.13853
- Bibcode: 2020arXiv200513853V
- Keywords: Computer Science - Cryptography and Security
- E-Print: 6 pages, 4 figures