This repository contains the software mitigations for the novel attack primitives presented in the IEEE S&P 2023 paper "A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs".
This repository is part of a project in "CS4702-Computer Security" at University of Lübeck.
Testing Device:
- Board: StarFive VisionFive2
- OS: StarFive Debian 6.6.20
The proposed mitigations are:
- Disable+Emulate: Disable the RISC-V performance counters and emulate the values to make all attacks less reliable
- Catch+Wait: Wait on context switch to make Flush+Fault attacks less reliable
- Switch+Clear: Clear the I-Cache on every context switch to make Flush+Fault attacks infeasible
The mitigations require custom Linux kernel patches that can be found under custom-kernel.
All benchmarks can be run automatically by using the run-all.sh script:
cd ./kernel_modules/benchmarks && sudo ./run-all.shTo test the availability of the performance counters and their output, we added simple testing programs that simply print the value of each counter. They can be found under printers.