% document based on the VU Beta / BSc Thesis template
\documentclass[11pt]{article}
\usepackage{graphicx}
\usepackage{url}
\textwidth 15cm
\textheight 22cm
\parindent 10pt
\oddsidemargin 0.85cm
\evensidemargin 0.37cm

\begin{document}
\thispagestyle{empty}

\begin{center}
Vrije Universiteit Amsterdam

\vspace{1mm}
%\includegraphics[height=28mm]{vu-griffioen-white.pdf}
\vspace{1.5cm}

{\Large Bachelor Project Computer Science - Project Proposal}

\vspace*{1.5cm}
\rule{.9\linewidth}{.6pt}\\[0.4cm]
{\huge \bfseries Breaking Kernel ASLR through a TLB Side Channel\par}
\rule{.9\linewidth}{.6pt}\\[1.5cm]
\vspace*{2mm}

{\Large
\begin{tabular}{l}
{\bf Author:} ~~Mira Chacku Purakal ~~~~ (2777677)
\end{tabular}
}

\vspace*{1.5cm}
\begin{tabular}{ll}
{\it VU:}               & ~~Herbert Bos \\
{\it Daily supervisor:} & ~~Dyon \\
\end{tabular}

\vspace*{2cm}
\vspace*{1cm}
\today\\[4cm] % Date
\end{center}

\newpage

\section*{Abstract}
We will reproduce parts of Maar et al.~\cite{tugraz:tlbsidechannel} and use them to perform a location disclosure attack on security-critical kernel data structures. This enables further attacks that would usually be prevented by ASLR. To do so we will use kernel defenses that change the page mappings to 4kB and exploit a TLB side channel, combined with allocator massaging, to leak the page-aligned address of critical data structures. We then deduce precise addresses from the page-aligned ones and perform error checking to improve the success rate.

\section{Introduction}
\label{sec:introduction}
The goal of the project is to expose the location of security-critical data structures such as the \texttt{cred} struct, which would usually be prevented by (Kernel) ASLR. To do so we will use one of the techniques presented in prior work by Maar et al.~\cite{tugraz:tlbsidechannel}, which relies on TLB contention patterns caused by certain kernel defenses in combination with allocator massaging, and in the process reproduce a subset of their findings.

We will demonstrate the attack on an 8th Gen or newer Intel CPU and a 6.8 kernel. Depending on other factors, more systems may be evaluated.

\section{Background}
\label{sec:background}
Under usual circumstances kernel objects are memory mapped to 2MB pages; however, Maar et al.~\cite{tugraz:tlbsidechannel} identify 3 kernel defenses which (partially) change the memory mapping to 4kB. With this an attacker can ensure the target object is located in one of those 4kB mappings and loaded into the TLB. Accessing it through an access primitive then creates a TLB contention pattern, from which the page-aligned address of the target can be inferred and, further, the exact address of the target can be deduced.

The 3 kernel defenses are \texttt{CONFIG\_STRICT\_MODULE\_RWX}, \texttt{CONFIG\_SLAB\_VIRTUAL} and \texttt{CONFIG\_VMAP\_STACK}. As the name suggests, the last one only changes the mapping of the stack to 4kB and therefore only allows leakage of the kernel stack, which is not interesting to us. \texttt{CONFIG\_STRICT\_MODULE\_RWX} is more interesting; however, Maar et al.~\cite{tugraz:tlbsidechannel} were unable to reliably leak the \texttt{cred} struct specifically using this exploit. This leaves \texttt{CONFIG\_SLAB\_VIRTUAL}, a kernel defense introduced in the patched kernel for the Google KernelCTF. Unlike \texttt{CONFIG\_STRICT\_MODULE\_RWX}, this changes the entire heap mapping to 4kB instead of just the area around a loaded module. This potentially increases TLB noise, but achieving a near 100\% success rate should still be possible with the use of error correction.

\section{Problem}
\label{sec:problem}
KASLR as a defense obfuscates the location of security-critical objects which could be used in many exploits if exposed. If we are able to find a stable exploit that exposes the location of these objects, and therefore partially breaks KASLR, many attacks previously prevented by it become possible again. Data-only attacks in particular benefit greatly from the data leaked here.

\section{Related Work}
\label{sec:related}
Maar et al.~\cite{tugraz:tlbsidechannel} is clearly related, as this project will largely reproduce a subset of that work and provide everything required to use it for further data-only attacks.

Further, Gruss et al.~\cite{tugraz:prefetch} may be relevant, as it is used to distinguish mapped pages without violating access permissions.

\section{Research Question(s)}
\label{sec:researchq}
We examine the location disclosure attacks presented in Maar et al.~\cite{tugraz:tlbsidechannel} and investigate whether we can provide a simple, usable disclosure attack to leak the location of security-critical data structures which can be chained with further attacks.

\section{Approach}
\label{sec:approach}
In the first step we will analyze the most feasible way to leak the information of interest. Then we will attempt to perform such a disclosure attack on interesting data structures in a way that can be used in combination with follow-up attacks. If possible, a last step may involve testing the attack on later kernels or different hardware.

\section{Plan}
\label{sec:plan}
The first step is mostly theoretical; however, it may be necessary to reexamine the decisions made if further challenges arise in later steps.

The next step will be performed on provided hardware, preferably using VMs, but if this proves impossible also on bare metal, following the steps learned while setting up the VM.

\section{Conclusion}
\label{sec:conclusion}
We will use a kernel defense to force 4kB page mappings for security-critical data structures. Then we will use kernel allocator massaging and a TLB side channel to leak their location despite KASLR being enabled. We will further use error correction in an attempt to provide a stable exploit which can be used for further exploits.

\newpage
% For more on bibliography styles, see
% https://www.overleaf.com/learn/latex/Bibtex_bibliography_styles
\bibliographystyle{abbrv}
\bibliography{main}

\end{document}