/transientfail

Website and PoC collection for transient execution attacks

Primary LanguageCzlib LicenseZlib

Transient Fail

Transient Fail is a project that gathers different proof-of-concept implementations of Transient Execution Attacks. It was originally developed for our Usenix 2019 paper

A Systematic Evaluation of Transient Execution Attacks and Defenses by Canella, Van Bulck, Schwarz, Lipp, von Berg, Ortner, Piessens, Evtyushkin and Gruss

Content

This project provides two different things:

  • In the docs folder, we provide the source for the content of the transient.fail website.
  • In the pocs folder, we provide our proof-of-concept implementations as well as two libraries required for them. Libcache is a small library that provides all the required functionality for time measurement, flushing and loading values, TSX transactions and so on. Libpte is a fork of PTEditor developed by Michael Schwarz and allows manipulation of paging structures via a Linux kernel module.

Status

Transient Fail is under active development as we add new proof-of-concepts that we discover during our research. We invite everybody who wants to contribute to do so via pull requests.

Compilers and Operating Systems

So far, we only support Linux with gcc on x86 and ARMv8. Therefore, we have only tested them on such platforms, but welcome any feedback and pull requests on other platforms.

Literature