Questions tagged [spectre]

For questions regarding the Spectre security vulnerability. Questions related to the CSS framework, Spectre.css, should use the [tag:spectre.css] tag.

53 questions
1 vote, 1 answer

Error every time I start a new VS project "Spectre-mitigated libraries are required for this project."

Whenever I start a new C++ project on Visual Studio and compile, I am faced with this error. I then have to go to settings and disable spectre mitigation. Error MSB8040 Spectre-mitigated libraries are required for this project. Install them from…
Eon
1 vote, 0 answers

Why are cross-origin isolation and CORB/CORP both needed?

Abbreviations used: CORP: Cross Origin Resource Policy; CORS: Cross Origin Resource Sharing; CORB: Cross Origin Read Blocking; SSCAs: speculative side-channel attacks, like Spectre. I've read this article, but I still don't understand why are…
1 vote, 1 answer

To use WDK in VS2019, which Spectre-mitigated library should be installed

When using WDK in VS2019, I get this build error: Error MSB8040: Spectre-mitigated libraries are required for this project. There are a lot of items in VS2019 setup that contain "spectre". This…
jw_
1 vote, 0 answers

Can't run SpectreSafeInvisibleSpec scheme on Gem5 core dump issue

I'm trying to reproduce data from the InvisiSpec paper. InvisiSpec is a defense mechanism in hardware for the Spectre attack. I'm using GitHub code that was released by the author of the paper. I previously had an issue building InvisiSpec on Gem5 but that…
parisa
1 vote, 1 answer

Can't build InvisiSpec in gem5 error no evictionCallback method

I'm trying to reproduce data from the InvisiSpec paper. InvisiSpec is a defense mechanism in hardware for the Spectre attack. I'm using GitHub code that was released by the author of the paper. Currently I can build and run the last version of the gem5 simulator…
parisa
1 vote, 2 answers

Does the Harvard architecture have the von Neumann bottleneck?

From the naming and this article I feel the answer is no, but I don't understand why. The bottleneck is how fast you can fetch data from memory. Whether you can fetch instruction at the same time doesn't seem to matter. Don't you still have to wait…
1 vote, 0 answers

Spectre/Meltdown slowing down Delphi service

I have a problem with the Spectre/Meltdown patch from Windows (it got released somewhere around Q1 last year). When activated, my Delphi REST service is being slowed down about 15 times (so if a request takes 1 second, with the activated patches its…
rimes
1 vote, 1 answer

Speculative Store Bypass (Spectre V4)

Does anyone know if there is a place that I can learn more about the Spectre V4 (Speculative Store Bypass) vulnerability? I already know the V1-V3 and also the Foreshadow. I found Intel's description is a bit confusing, especially their sample code…
Hongce Zhang
1 vote, 2 answers

How to verify if the Spectre Mitigation flag used in Visual Studio 2017 works for C++?

I want to see how the spectre mitigation flag solved a problem to convince my team that we need to add this flag to our large code base for upcoming projects. I am searching for sample projects that have a spectre vulnerability and is resolved by…
1 vote, 1 answer

spectre with device memory

Regarding the Spectre security issues and side-channel attacks. In both x86 and ARM there exists a method to disable caches/speculative access on specific memory pages. So any side-channel attack (Spectre, Meltdown) on these memory regions should be…
Domso
1 vote, 1 answer

Spectre V1 PoC Code

I try to understand the Spectre PoC by Erik August (https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6). In line 76 it says x = ((j % 6) - 1) & ~0xFFFF; So I know & is a bitwise AND and ~ returns a bitwise complement. If j%6 is 0…
Duckling
1 vote, 1 answer

Are other parts of physical memory accessed during a segfault?

As part of a learning project, I've worked a bit on Spectre and Meltdown PoCs to get myself more comfortable with the concept. I have managed to recover previously accessed data using the clock timers, but now I'm wondering how do they actually read…
0 votes, 0 answers

Error: cannot take a sample larger than the population when 'replace = FALSE'

I am trying to do clustering and dimensionality reduction of my flow cytometry data using the Spectre package. I am following their tutorial and yesterday it worked fine. Today I increased the number of metaclusters to 20. After running for 2 hours (my…
Liana
0 votes, 1 answer

Why does the index get multiplied by 512 in the Spectre research paper?

I'm currently trying to understand demo-code that is included in the Spectre research paper, and I don't really understand why array1[x] is multiplied by 512. void victim_function(size_t x) { if (x < array1_size) { temp &=…
0 votes, 0 answers

Linux kernel: can't build module with non-retpoline compiler

OS - RedHat 8.5, kernel 4.18.0-348.20.1.el8_5.x86_64, gcc-8.5.0 I have installed kernel-devel and kernel-headers, and tried to build a very simple kernel module (just a pair of printk()). Makefile: obj-m += test_mod.o MSRC ?= $(PWD) KDIR ?=…
Mark