AMD-SEV: Platform DH key recovery via invalid curve attack (CVE-2019-9836)

June 26, 2019 ~ hucktech ~ Leave a comment

[…]Through ongoing collaboration with industry researchers AMD became aware that, if using the user-selectable AMD secure encryption feature on a virtual machine running the Linux operating system, an encryption key could be compromised by manipulating the encryption technology’s behavior.[…]

This vulnerability was discovered and reported to AMD by Cfir Cohen of the
Google Cloud security team.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9836

AMD Secure Encrypted Virtualization (SEV)

[AMD] SEVered attack: Extracting Secrets from Encrypted VMs

January 15, 2019 ~ hucktech ~ Leave a comment

M. Morbitzer et al., “Extracting Secrets from Encrypted Virtual Machines” […an approach that allows a malicious hypervisor quick identification and theft of secrets, such as TLS, SSH or FDE keys, from encrypted virtual machines on current SEV hardware…]https://t.co/hrcZeW16Zq

— Arrigo Triulzi (@cynicalsecurity) January 15, 2019

Extracting Secrets from Encrypted Virtual Machines
Mathias Morbitzer, Manuel Huber, Julian Horsch
(Submitted on 7 Jan 2019)

AMD SEV is a hardware extension for main memory encryption on multi-tenant systems. SEV uses an on-chip coprocessor, the AMD Secure Processor, to transparently encrypt virtual machine memory with individual, ephemeral keys never leaving the coprocessor. The goal is to protect the confidentiality of the tenants’ memory from a malicious or compromised hypervisor and from memory attacks, for instance via cold boot or DMA. The SEVered attack has shown that it is nevertheless possible for a hypervisor to extract memory in plaintext from SEV-encrypted virtual machines without access to their encryption keys. However, the encryption impedes traditional virtual machine introspection techniques from locating secrets in memory prior to extraction. This can require the extraction of large amounts of memory to retrieve specific secrets and thus result in a time-consuming, obvious attack. We present an approach that allows a malicious hypervisor quick identification and theft of secrets, such as TLS, SSH or FDE keys, from encrypted virtual machines on current SEV hardware. We first observe activities of a virtual machine from within the hypervisor in order to infer the memory regions most likely to contain the secrets. Then, we systematically extract those memory regions and analyze their contents on-the-fly. This allows for the efficient retrieval of targeted secrets, strongly increasing the chances of a fast, robust and stealthy theft.

https://arxiv.org/abs/1901.01759

Android: emulator gets AMD & Hyper-V support

July 10, 2018 ~ hucktech ~ Leave a comment

Android Emulator – AMD Processor & Hyper-V Support#MobileSecurity #AndroidSecurity https://t.co/JfOR4XrJOf

— Mobile Security (@mobilesecurity_) July 9, 2018

https://android-developers.googleblog.com/2018/07/android-emulator-amd-processor-hyper-v.html

UDOO BOLT AMD Ryzen Embedded V1000 SBC

June 2, 2018 ~ hucktech ~ Leave a comment

HUGE news: UDOO BOLT: The AMD Ryzen™-based Maker Board, is LIVE on Kickstarter. #udoobolt #udoo #makers #maker #diy #minipc #kickstarter #udooboards
Back us on Kickstarter NOW: https://t.co/p9fRmPEUwE

— UDOO Board (@UDOO_Board) May 31, 2018

.@UDOO_board BOLT @AMD Ryzen Embedded V1000 SBC Goes for $229 and Up (Crowdfunding) https://t.co/zsFRK7qK2s #linux #windows #arduino

— CNX Software (@cnxsoft) June 1, 2018

https://www.cnx-software.com/2018/06/01/udoo-bolt-amd-ryzen-embedded-v1000-sbc/

SEVered: Subverting AMD’s Virtual Machine Encryption

May 26, 2018 ~ hucktech ~ Leave a comment

AMD SEV is a hardware feature designed for the secure encryption of virtual machines. SEV aims to protect virtual machine memory not only from other malicious guests and physical attackers, but also from a possibly malicious hypervisor. This relieves cloud and virtual server customers from fully trusting their server providers and the hypervisors they are using. We present the design and implementation of SEVered, an attack from a malicious hypervisor capable of extracting the full contents of main memory in plaintext from SEV-encrypted virtual machines. SEVered neither requires physical access nor colluding virtual machines, but only relies on a remote communication service, such as a web server, running in the targeted virtual machine. We verify the effectiveness of SEVered on a recent AMD SEV-enabled server platform running different services, such as web or SSH servers, in encrypted virtual machines. With these examples, we demonstrate that SEVered reliably and efficiently extracts all memory contents even in scenarios where the targeted virtual machine is under high load.

This is a fascinating exploitation of AMD's Secure Encrypted Virtualization – the security mechanism that decrypts and encrypts virtual machines on the fly in RAM. It can be bypassed by an evil HV so that info can be exfiltrated via HTTP, we're told https://t.co/0b9chrqdXn pic.twitter.com/R7wiGwTZU4

— The Register (@TheRegister) May 25, 2018

Uses the same technique Shay Gueron and I presented years ago in our research about attacks to transparent memory encryption without authentication. https://t.co/b8e8aawl1L

— Rodrigo Branco (@bsdaemon) May 26, 2018

[PDF] "SEVered: Subverting AMD’s Virtual Machine Encryption"
How to extract the full contents of main memory in plaintext
from SEV-encrypted virtual machines.https://t.co/x5471adbNN

— Denis Laskov (@it4sec) May 25, 2018

AMD updates “boot kit” :-)

April 25, 2018 ~ hucktech ~ Leave a comment

AMD tech support can lend some a processor to get around a problem, aka a “Boot Kit”. They have recently updated this procedure:

Unable to Boot New Desktop System Configured with AMD 2nd Generation Ryzen™ Desktop Processor, and AMD Socket AM4 Motherboard
Article Number: PA-100

This document provides information on how to resolve a specific boot issue that may be experienced with some 2nd Generation Ryzen Desktop Processors when installed on an AMD Socket AM4 motherboard.[…]

https://support.amd.com/en-us/kb-articles/Pages/2Gen-Ryzen-AM4-System-Bootup.aspx

AMD: Spectre Mitigation Update

April 11, 2018 ~ hucktech ~ Leave a comment

Spectre Mitigation Update
4/10/18

Today, AMD is providing updates regarding our recommended mitigations for Google Project Zero (GPZ) Variant 2 (Spectre) for Microsoft Windows users. These mitigations require a combination of processor microcode updates from our OEM and motherboard partners, as well as running the current and fully up-to-date version of Windows. For Linux users, AMD recommended mitigations for GPZ Variant 2 were made available to our Linux partners and have been released to distribution earlier this year.[…]

https://www.amd.com/en/corporate/security-updates

Click to access Architecture_Guidelines_Update_Indirect_Branch_Control.pdf

https://www.amd.com/en/corporate/security-updates#paragraph-347856

AMD responds to CTS Labs vulns

March 20, 2018March 20, 2018 ~ hucktech ~ Leave a comment

AMD's confirmation to the CTS Labs fiasco. As expected, the vulnerabilities were real. And as expected, it's not nearly as a big of deal as they were trying to make it. https://t.co/Ulb1cF0goL

— David Schor (@david_schor) March 20, 2018

“[…]AMD will provide additional updates on both our analysis of these issues and the related mitigation plans in the coming weeks.”

https://community.amd.com/community/amd-corporate/blog/2018/03/20/initial-amd-technical-assessment-of-cts-labs-research

While many feel that CTS Labs did not do a good job at disclosure, AMD has also not been doing a good job at updating the world about it’s vulns. Still no CVE for the PSP vuln from January, which is related to this one. Does AMD only reply-to vulns which have 24 hour limit response threats, and ignore ones that do not? Why haven’t we seen some response like above for the below fulldisclosure vuln?

https://firmwaresecurity.com/2018/01/12/a-bit-more-on-amd-psp-vuln/

AMI response to the CTS-Labs AMDflaws.com advisory

March 20, 2018 ~ hucktech ~ Leave a comment

PR Announcement: American Megatrends Response to the CTS-Labs Advisory of 13 Security Flaws in AMD Ryzen and EPYC Processors https://t.co/bzXPu1h3gp pic.twitter.com/j2kz5v8FUA

— American Megatrends (@AMI_PR) March 19, 2018

https://ami.com/en/news/press-releases/american-megatrends-response-to-the-ctslabs-advisory-of-13-security-flaws-in-amd-ryzen-and-epyc-processors/

more on AMDflaws.com

March 14, 2018 ~ hucktech ~ Leave a comment

Thoughts on the #amdflaws stuff: most of the attacks described appear to require some level of privileged access (and possibly physical access in one case), which will lead to people writing it off as entirely overhyped. This is a mistake.

— Matthew Garrett (@mjg59) March 13, 2018

So this https://t.co/vYktqat10K business… CTS Labs asked us to review their research last week, and sent us a full technical report with PoC exploit code for each set of bugs.

— Dan Guido (@dguido) March 13, 2018

This! Vulns are overhyped, paper is garbage, authors are PR seeking clowns https://t.co/aXaKk13jiR

— Dmytro Oleksiuk (@d_olex) March 14, 2018

First read of the AMDFLAWS whitepaper (no real technical details given) is: “over-hyped beyond belief”.

This is a whitepaper worthy of an ICO.

And yes, that is meant to be an insult.

— Arrigo Triulzi (@cynicalsecurity) March 13, 2018

While vulns in PSP firmware are bad enough (impacts fTPM, SEV, BIOS secure boot), no one is asking why compromising PSP allows bypassing Win10 VSM (read “IOMMU”) and SMM (read “SMRAM memory controller protections”).

— Yuriy Bulygin (@c7zero) March 13, 2018

This likely indicates that PSP can modify memory map protections and IOMMU config

— Yuriy Bulygin (@c7zero) March 13, 2018

While vulns in PSP firmware are bad enough (impacts fTPM, SEV, BIOS secure boot), no one is asking why compromising PSP allows bypassing Win10 VSM (read “IOMMU”) and SMM (read “SMRAM memory controller protections”).

— Yuriy Bulygin (@c7zero) March 13, 2018

what idiot called it amdflaws and not EPYCfailhttps://t.co/y4zEt1o67H

— cron mom (@sophaskins) March 13, 2018

Most of AMD vulns from amdflaws has the same impact as any other SMM issues. The interesting one is code execution on Secure Processor. But looks like it's related to fTPM issue with the same impact (https://t.co/zlyAiPx0XJ). Also on ASUS hardware BIOS security is always broken.

— Alex Matrosov (@matrosov) March 13, 2018

Note: there will be no “second read” of the AMDFLAWS whitepaper because none is required.

It is a phishing document to lure small traders.

— Arrigo Triulzi (@cynicalsecurity) March 13, 2018

New professions for 2018: “Vulnerability Website Manager”
“Vulnerability Hyper”
“Short-seller Relationship Manager”
“Vulnerability Disclaimer Creator”
“Sherlock-based Vulnerability Researcher”

— Arrigo Triulzi (@cynicalsecurity) March 13, 2018

Folks, the CTS lawyers are out… “they are not statements of fact”.

So, are they vulnerabilities or not?

If they are not statements of fact they are fiction. https://t.co/KLyhvX5kvp

— Arrigo Triulzi (@cynicalsecurity) March 13, 2018

AMD vulns: RYZENFALL, masterkey, Fallout, Chimera

March 13, 2018 ~ hucktech ~ Leave a comment

https://amdflaws.com/

http://www.cts-labs.com/

New hardware vulnerabilities discovered that allow bypass of secure boot and code execution. AMD had 24h to respond to the notice before public announcement, so more details certainly forthcoming.https://t.co/9eTsoZXUE8

— Jake Williams (@MalwareJake) March 13, 2018

In celebration, we just added the "AMD" discount code for our upcoming event. Use code "AMD" and get 10% off. https://t.co/5MaNblKQbJ

— Hardware Security Training (@SecureHardware) March 13, 2018

Short-seller Viceroy Research will be on @HalftimeReport today at Noon to discuss the new CTS Labs report alleging security flaws in $AMD chips.

— Scott Wapner (@ScottWapnerCNBC) March 13, 2018

pwrtest.efi – UEFI Shell developer tool to test Intel/AMD RTC wake function

February 5, 2018 ~ hucktech ~ Leave a comment

The pwrtest.efi is an UEFI Shell tool that help developer to confirm RTC wake function from a system(Support on both Intel and AMD platform). Usage:

pwrtest -s3 -t 10 -w 60 ; 系統會在10 sec delay 後進入S3，然後在60 sec 後喚醒(Wake up)
pwrtest [-h|-s3|-s4|-s5|-s|-ss|-sx|-cb|-r]
-h help
-s3|-s4|-s5 ;選擇系統的Sx State (Intel platform)
-cb ;做coldboot ，我是透過 gRT->ResetSystem() 方式去做的
-ss ; 做Shutdown，我是透過 gRT->ResetSystem() 方式去做的
-sx value ; 支援AMD platform去做Sx State，因為填的SLP_TYP值不同.
value = 3/4/5 for AMD platform(S3/S4/S5)
value = 5/6/7 for Intel Platform (S3/S4/S5)
e.g,
pwrtest -sx 4 -t 5 -w 30 ; For AMD Platform, Put system to S4 after 5 sec, then wake after 30 sec.
pwrtest -sx 6 -t 5 -w 30 ; For INTEL Platform, Put system to S4 after 5 sec, then wake after 30 sec.
pwrtest -s3 -t 5 -w 30 ; For INTEL Platform, Put system to S3 after 5 sec, then wake after 30 sec.
pwrtest -r ; Warm boot
pwrtest -cb ; Cold boot
[…]

See URL to password-protected live.com-hosted zip containing freeware binary (not open source) in blog post.

http://biosengineer.blogspot.com/2018/02/uefi-shell-utility-pwrtestefi.html

The microarchitecture of Intel, AMD and VIA CPUs: An optimization guide for assembly programmers and compiler makers

February 1, 2018 ~ hucktech ~ Leave a comment

A. Fog, “The microarchitecture of Intel, AMD and VIA CPUs” (a little light reading for Thursday) #pdf https://t.co/m3IkFXRj3y

— Arrigo Triulzi (@cynicalsecurity) February 1, 2018

The microarchitecture of Intel, AMD and VIA CPUs
An optimization guide for assembly programmers and compiler makers
By Agner Fog. Technical University of Denmark.
Copyright © 1996 – 2017. Last updated 2017-05-02.

Click to access microarchitecture.pdf

AMD: Software techniques for managing speculation on AMD processors

January 26, 2018 ~ hucktech ~ Leave a comment

#AMD released the "Software techniques for managing speculation on AMD processors" pdf with the IBSB, STIBP, IBRS features and other #Spectre mitigation techniques https://t.co/sME1hqIRtY pic.twitter.com/KSF4noY3QS

— InstLatX64 (@InstLatX64) January 26, 2018

https://t.co/34ULq5JywA
Sorry!

— InstLatX64 (@InstLatX64) January 26, 2018

Click to access Managing-Speculation-on-AMD-Processors.pdf

White Paper: SOFTWARE TECHNIQUES FOR MANAGING SPECULATION ON AMD PROCESSORS

Speculative execution is a basic principle of all modern processor designs and is critical to support high performance hardware. Recently, researchers have discussed techniques to exploit the speculative behavior of x86 processors and other processors to leak information to unauthorized code * . This paper describes software options to manage speculative execution on AMD processors ** to mitigate the risk of information leakage. Some of these options require a microcode patch that exposes new features to software. The software exploits have recently developed a language around them to make them easier to reference so it is good to review them before we start discussing the architecture and mitigation techniques.

a bit more on AMD PSP vuln

January 12, 2018 ~ hucktech ~ 1 Comment

No CVE(s) from US-CERT/NIST/MITRE/NVD.
No AMD tracking id or public response from AMD.
No response from AMD support on the below question on their support forums.

AFAICT, AMD does not have a security advisories page, just occasional announcements on the main PR site. Intel does. Then again, AFAICT, neither does ARM.

Researcher clarifies original statement a bit:

http://seclists.org/fulldisclosure/2018/Jan/21

“I would like to clarify that here “remote” means remote code execution on
the TPM component. To mount the attack, local host access is still required.
Sorry if it caused any confusion.”

A code exec bug in AMD PSP module implementing TPM. PSP is similar to #IntelME. Key Qs:
1. Does PSP/fTPM have access to host memory?
2. How well is fTPM module isolated from the rest of the PSP?
3. How asynchronous is PSP execution with regards to the host? https://t.co/cSD1lzt3Kb

— Joanna Rutkowska (@rootkovska) January 8, 2018

https://community.amd.com/thread/224328

https://www.theregister.co.uk/2018/01/06/amd_cpu_psp_flaw/

http://www.amd.com/en/technologies/security

microcode

January 8, 2018January 9, 2018 ~ hucktech ~ 1 Comment

[Someone just asked me a microcode question, I was digging up some pointers to a microcode tool for someone, ended up cleaning out my browser’s microcode-related bookmarks, and thought I mine as well post a blog entry of the links…]

Intel, AMD & VIA CPU Microcode Repositories! A community assisted project aimed to collect all the latest PRD CPU microcodes since 1995 from the three main vendors in order to help people understand what they need to update, to research how they work etc. https://t.co/WtdUWtVoEi

— Plato Mavropoulos (@platomaniac) January 6, 2018

https://github.com/platomav/MCExtractor
https://www.win-raid.com/t3355f47-Intel-AMD-amp-VIA-CPU-Microcode-Repositories.html#msg45883

https://github.com/RUB-SysSec/Microcode
http://syssec.rub.de/research/publications/microcode-reversing/
see below video:

https://github.com/torvalds/linux/blob/master/Documentation/x86/microcode.txt
https://github.com/torvalds/linux/tree/master/arch/x86/kernel/cpu/microcode

https://community.amd.com/thread/216246
https://en.wikipedia.org/wiki/Microcode
https://linux.die.net/man/8/microcode_ctl
http://manpages.ubuntu.com/manpages/zesty/man8/iucode_tool.8.html
http://manpages.ubuntu.com/manpages/precise/en/man8/microcode_ctl.8.html
http://manpages.ubuntu.com/manpages/precise/en/man8/update-intel-microcode.8.html
https://askubuntu.com/questions/545925/how-to-update-intel-microcode-properly
https://www.pcsuggest.com/update-cpu-microcode-in-linux/
http://www.linuxfromscratch.org/blfs/view/svn/postlfs/firmware.html
https://flossexperiences.wordpress.com/2013/11/17/updating-microcodes/
https://support.mozilla.org/en-US/kb/microcode-update
https://lists.debian.org/debian-security/2016/03/msg00084.html

https://wiki.debian.org/Microcode
https://wiki.gentoo.org/wiki/Intel_microcode
https://wiki.archlinux.org/index.php/microcode

http://blog.fpmurphy.com/2016/12/python-3-utilities-for-parsing-intel-microcode.html

Everything you want to know about x86 microcode, but might have been afraid to askhttps://t.co/CQrtJoVL1q https://t.co/yq2fKADJ7r
Slides: https://t.co/P7HAP9cnmB https://t.co/bTF9ifKb8Z
Benjamin Kollenda & Philipp Koppe #34C3

— Matt (@matt_dz) December 29, 2017

AMD Updates Programmer’s Manual

January 8, 2018 ~ hucktech ~ Leave a comment

AMD64 Architecture
Programmer’s Manual
Volume 2:
System Programming

Revision Date: December 2017

Click to access 24593.pdf

Here’s the complete changelog for this update:

Modified Sections 7.10.1 and 7.10.4.
Modified Sections 15.34.1, 15.34.7.
Added new Section 15.34.10.
Modified Section 15.35.10.
Modified Appendix A, Table A-7.

Not too useful, I wish I could diff PDFs better. I wish the writers would spend a few moments more on the changelog. Here’s the titles of the above sections:

7.10.1 Determining Support for Secure Memory Encryption
7.10.4 Page Table Support
15.34.1 Determining Support for SEV
15.34.7 Restrictions
15.34.10 SEV_STATUS MSR
15.35.10 Control Register Write Traps
Table A-7: Secure Virtual Machine MSRs

AMD PSP vuln: fTPM remote code execution

January 6, 2018January 6, 2018 ~ hucktech ~ Leave a comment

Busy year for processor security so far…

http://seclists.org/fulldisclosure/2018/Jan/12

AMD-PSP: fTPM Remote Code Execution via crafted EK certificate

From: Cfir Cohen via Fulldisclosure <fulldisclosure () seclists org>
Date: Wed, 3 Jan 2018 09:40:40 -0800

AMD PSP is a dedicated security processor built onto the main CPU die. ARM TrustZone provides an isolated execution environment for sensitive and privileged tasks, such as main x86 core startup. [..] The fTPM trustlet code was found in Coreboot’s git repository [5] and in several BIOS update files. […] This research focused on vendor specific code that diverged from the TCG spec. […] As far as we know, general exploit mitigation technologies (stack cookies, NX stack, ASLR) are not implemented in the PSP environment. […] Credits: This vulnerability was discovered and reported to AMD by Cfir Cohen of the Google Cloud Security Team.

Timeline
========
09-28-17 – Vulnerability reported to AMD Security Team.
12-07-17 – Fix is ready. Vendor works on a rollout to affected partners.
01-03-18 – Public disclosure due to 90 day disclosure deadline.

Jesus Christ https://t.co/y9KLZgdK06

— Matthew Garrett (@mjg59) January 5, 2018

AMD to add option to disable PSP?

December 7, 2017 ~ hucktech ~ Leave a comment

Phoronix is reporting that Reddit claims that AMD has enabled an option to disable the PSP (Platform Security Processor, the AMD equivalent to Intel’s ME). Interesting if that is the case, please leave a Comment if you have more info on this.

#AMD Reportedly Allows Disabling #PSP Secure Processor With Latest #AGESA https://t.co/syEybpCobV

— Phoronix (@phoronix) December 7, 2017

https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSP-Disable-Option

AMD Listened to us, and added a PSP disable option in their new AGESA version! from linuxmasterrace

Patroklos on microcode reversing

September 14, 2017 ~ hucktech ~ Leave a comment

Patroklos (argp) Argyroudis has a new document on microcode reversing:

My brief notes on "Reverse engineering x86 processor microcode": https://t.co/ywfkmZyG6o

— argp (@_argp) September 14, 2017

“Paper notes: Reverse engineering x86 processor microcode
14 Sep 2017”

https://argp.github.io/2017/09/14/re-x86-microcode/