Simple Solution For Spectre
https://github.com/crozone/SpectrePoC/blob/master/spectre.c
In this PoC, we can extract memory contents.
This is possible because of code like the following, which attackers can use to read your memory:
void victim_function(size_t x) {
    if (x < array1_size) {
        /* the load below depends on the bounds check above */
        temp &= array2[array1[x] * 512];
    }
}
But when we change it to this:
void victim_function(size_t x) {
    if (x < array1_size) {
        /* empty delay loop; rand() (from <stdlib.h>) is re-drawn on every iteration */
        for (volatile int z = 0; z <= rand()%10; z++) {}
        temp &= array2[array1[x] * 512];
    }
}
magic happens:


It's solved by a random-value barrier for the pipeline.
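For comparison, an added example (not part of the original post or the linked PoC): the same victim_function hardened with branchless index masking, the approach behind the Linux kernel's array_index_nospec(), which does not depend on timing. The array sizes, contents and the helper name index_mask_nospec are assumptions made for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the PoC's globals (sizes/contents are assumptions). */
unsigned int array1_size = 16;
uint8_t array1[16] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
uint8_t array2[256 * 512];
uint8_t temp = 0xff;

/* Hypothetical helper: all-ones if index < size, else 0, with no branch.
 * Requires size >= 1 and both values <= PTRDIFF_MAX. Relies on arithmetic
 * right shift of negative values (true for GCC, Clang and MSVC). The kernel
 * uses inline asm on x86 so the compiler cannot turn this back into a branch;
 * this portable form is a sketch of the same idea. */
static size_t index_mask_nospec(size_t index, size_t size)
{
    /* Top bit of (index | (size - 1 - index)) is set iff index >= size. */
    ptrdiff_t v = (ptrdiff_t)~(index | (size - 1 - index));
    return (size_t)(v >> (sizeof(ptrdiff_t) * CHAR_BIT - 1));
}

void victim_function(size_t x)
{
    if (x < array1_size) {
        /* If the branch was mispredicted, x is out of bounds here; the mask
         * turns it into 0, so the dependent load cannot leave array1. */
        x &= index_mask_nospec(x, array1_size);
        temp &= array2[array1[x] * 512];
    }
}

int main(void)
{
    printf("mask(3)=%zx mask(16)=%zx mask(1000)=%zx\n",
           index_mask_nospec(3, array1_size),
           index_mask_nospec(16, array1_size),
           index_mask_nospec(1000, array1_size));
    victim_function(3);
    printf("temp=%u\n", (unsigned)temp);
    return 0;
}
```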