Overview
This course aims to provide an in-depth understanding of Fuchsia's mitigations for specific CPU side-channel attacks. The learning outcomes include enumerating existing CPU side-channels, exploring mitigation strategies in operating systems, and applying these mitigations to Fuchsia. The course covers skills such as handling user, kernel, and hypervisor attacks across x86 and ARM processors. The teaching method involves walking through the engineering work of implementing mitigations and testing them. This course is intended for developers and engineers interested in understanding and mitigating CPU side-channel attacks in their codebases.
Syllabus
Introduction
Meltdown
Indirect Branch Predictor
Retpill
Indirect Branch Prediction Barrier
Indirect Branch Restricted Speculation
Enhanced IBRs
L1 Terminal Fault
L1 Terminal Fault Mitigation
MDS Mitigation
Spectre Variant 1
Bounce Check
Taught by
Black Hat