AMD EPYC Secure Encrypted Virtualization Not So Secure: Researchers

btarunr · May 28, 2018

Secure Encrypted Virtualization (SEV) was touted as one of the killer features of AMD EPYC and Ryzen Pro series processors. It involves encryption of parts of the memory of the host machine which house virtual machines (or guests), with encryption keys stored on the processor, so the host has no scope of infiltrating or reading the contents of the guest's memory. This was designed to build trust in cloud-computing and shared hosting industries, so web-present small businesses with sensitive data could have some peace of mind and wouldn't have to spend big on dedicated hosting. A Germany-based IT security research team from Fraunhofer AISEC, thinks otherwise.

Using a technique called "SEVered," the researchers were able to use rogue host-level administrator, or malware within a hypervisor, to bypass SEV and copy decrypted information from the guest machine's memory. The exploit involves alteration of the guest machine's physical memory mappings using standard page tables, so SEV can't properly isolate and encrypt parts of the guest in the physical memory. The exploit is so brazen, that you could pull plaintext information out of compromised guests. The researchers published a paper on SEVered, along with technical details of the exploit.

View at TechPowerUp Main Site

Assimilator · May 28, 2018

While it's great that we're finally getting real security people looking at CPUs, it's terrifying that the manufacturers themselves never did this due diligence.

RejZoR · May 28, 2018

Assimilator said:
While it's great that we're finally getting real security people looking at CPUs, it's terrifying that the manufacturers themselves never did this due diligence.

I think main problem is when you design your thing, you're too confident it's designed well. About similar as to how developers are generally incapable of placing themselves on an user level when it comes to UI/UX design choices or how to design features. They always look at it from their perspective. And while you need to be an expert to design such things, that doesn't mean you're actually the best one to evaluate the design. We'll never be able to get rid of them all, but they'll have to make 2 things, either CPU's easier to patch up without buying a new one or waiting months for BIOS update that may even never come (which opens them to new attacks at the same time) or make rigorous audits with large security firms before launching products to market. But again, it'll never be possible to make it 100%.

Frankly, till now, no one really gave much concern, not even bad guys. But after Spectre and meltdown, I bet a lot of them are now focused poking CPU's. If one thing worked, chances are, something else will too. And here is the product of that.

Patriot · May 28, 2018

Assimilator said:
While it's great that we're finally getting real security people looking at CPUs, it's terrifying that the manufacturers themselves never did this due diligence.

While I do like the more security focused results... this is yet another improper release... yes it's a vulnerability, that requires owning the system.
It's like everything with a catchy name and lacking a CV requires root access... heck, they even had to make a custom version of KVM for this to even work.

jango_k · May 28, 2018

They are REPLACING the host hypervisor with a new one which is specifically allowed to snoop in the memory accesses. And they still need a VM on the same host to be a web server of allow other kind of memory access to the same ram as the target VM. This cannot be done in a datacenter without collusion with IT administrators from the whole chain of command.
Blaming the manufacturer because the product does not behave the same after the user flashes a new bios is unfathomable.
Even CTS Labs would not stoop so low as to report this a vulnerability.

Space Lynx · May 28, 2018

jango_k said:
They are REPLACING the host hypervisor with a new one which is specifically allowed to snoop in the memory accesses. And they still need a VM on the same host to be a web server of allow other kind of memory access to the same ram as the target VM. This cannot be done in a datacenter without collusion with IT administrators from the whole chain of command.
Blaming the manufacturer because the product does not behave the same after the user flashes a new bios is unfathomable.
Even CTS Labs would not stoop so low as to report this a vulnerability.

I didn't understand half of that, but I like your style. I myself am AMD for life for gaming.

TheGuruStud · May 28, 2018

jango_k said:
They are REPLACING the host hypervisor with a new one which is specifically allowed to snoop in the memory accesses. And they still need a VM on the same host to be a web server of allow other kind of memory access to the same ram as the target VM. This cannot be done in a datacenter without collusion with IT administrators from the whole chain of command.
Blaming the manufacturer because the product does not behave the same after the user flashes a new bios is unfathomable.
Even CTS Labs would not stoop so low as to report this a vulnerability.

I knew this was the case before I even read it. AMD has done a very solid job on Zen and everyone is looking to discredit them any way possible.

theGryphon · May 28, 2018

jango_k said:
They are REPLACING the host hypervisor with a new one which is specifically allowed to snoop in the memory accesses. And they still need a VM on the same host to be a web server of allow other kind of memory access to the same ram as the target VM. This cannot be done in a datacenter without collusion with IT administrators from the whole chain of command.
Blaming the manufacturer because the product does not behave the same after the user flashes a new bios is unfathomable.
Even CTS Labs would not stoop so low as to report this a vulnerability.

Yeah, I read the paper, and the attack requires modification at the host.

Quoting the paper,
"As malicious HV, we used Kernel-based Virtual Machine (KVM) and modified it to execute our attack. To realize our tracking mechanism, we extended the KVM infrastructure for guest write access tracking [7] to track all kinds of accesses. We furthermore extended KVM with functionality to alter memory mappings for the extraction phase. Both features can be controlled by the attacker in the host Linux running the target VM. "

Someone explain to me, if one can do this, wouldn't they also be able to, idk, disable SEV altogether, and/or do something exponentially more evil and harmful?

Heck, an evil host can "claim" encryption and not have it, and plainly read/collect all data at the guest... am I wrong?

R0H1T · May 28, 2018

Assimilator said:
While it's great that we're finally getting real security people looking at CPUs, it's terrifying that the manufacturers themselves never did this due diligence.

There's a lot that can happen between design phase & its implementation. Just look at branch prediction for example.

TheGuruStud said:
I knew this was the case before I even read it. AMD has done a very solid job on Zen and everyone is looking to discredit them anyway possible.

While I agree with the sentiment, I do believe AMD as well as Intel need to work with 3rd party independent security research firms more to find exploits in their uarches before malicious actors or govts do, especially after GPZ et al. This is assuming they didn't place it there in the first place.

progste · May 28, 2018

A new "security issue" that requires administrator priviledge, already has a cool name to go with it and was released immediately to the press without alerting the manufacturer... Sounds familiar?

dwade · May 28, 2018

The damage control team is already doing work.

techy1 · May 28, 2018

I do not read other tech news, so please tell me - do they all copy/paste this BS ( I did not mean "copy/paste" - of course I did mean: "press release the most important and relevant news carefully evaluating and reading through to determine each information truth and factual integrity before publishing")? or is it just TPU?

silentbogo · May 28, 2018

There's one more thing that looks suspicious.
Their paper is pretty much a slightly modified copycat of this one, published by members of Tangram Technologies from Shanghai back in December.

https://arxiv.org/ftp/arxiv/papers/1712/1712.05090.pdf

Their team lead, ZhaoHui Du, is very notable for being an Intel researcher and software engineer for almost 18 years. It's not a red flag by any means, but considering that Tangram was founded in 2017, it raises some concerns and suspicions.

john_ · May 28, 2018

In the not so far future....

"We then simply created a hardware adaptor that we inserted between the AMD processors and the socket. Thanks to that simple to make adaptor (if you are a multi billion company with decades of expertise) we could easily have access to the information the processor was processing"

jigar2speed · May 28, 2018

Intel trying desperately to stop AMD from entering Server market by legitimately discrediting them via proxy security companies ? Meanwhile people here are arguing how bad AMD CPU security is forgetting Intel Spectre vulnerability spree hasn't ended yet.

dwade said:
The damage control team is already doing work.

Ever wonder why below news wasn't published or received much of lime light ?

8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs

https://thehackernews.com/2018/05/intel-spectre-vulnerability.html

Totally · May 28, 2018

Is there any form of chip level security that can withstand such an attack? I feel like this is just as moot point, maligning a front door lock because a burglar drove a bulldozer through the back of the house and had his pick of the valuables inside.

Capitan Harlock · May 28, 2018

This kind of move without inform whoever is the company of the product is so lame .
Is like discovering a bad batch of tomatoes and instead of inform the seller you go to the press and saying stuff .
This don't make any sense .
Amd should take them to court because is not right at all .
Makes me wonder if someone is a shill there.

ghazi · May 28, 2018

Capitan Harlock said:
This kind of move without inform whoever is the company of the product is so lame .
Is like discovering a bad batch of tomatoes and instead of inform the seller you go to the press and saying stuff .
This don't make any sense .
Amd should take them to court because is not right at all .
Makes me wonder if someone is a shill there.

In my eyes it's no coincidence that AMD is being targeted in this way. Exploit revealed to the press without the company being informed first, "exploit" that requires a machine to already be heavily compromised (but that's not made particularly clear in the press reports), a serious-sounding name given to the exploit to try to spread word of it and get people to remember it, and just the whole thing generally being way overhyped for what it is. And let's not mention the thing about there being another article on the same website that reports basically the same thing, but the lead author is a long-time Intel employee.

Thankfully this didn't come with a ridiculous press deck, greenscreen videos, or blatant stock manipulation attempt like the CTS Labs "exploits". If anything this looks more like an attempt to damage AMD's reputation in the data center market, rather than a short play.

Imsochobo · May 28, 2018

Totally said:
Is there any form of chip level security that can withstand such an attack? I feel like this is just as moot point maligning a front door lock because a burglar drove a bulldozer through the back of the house.

You can disallow the user from doing what he wants?

PowerPC · May 28, 2018

Fraunhofer AISEC, the people that published this paper, come more from the academic side. Their institutes are funded by the state of Germany. It could just be that some students there needed to write a paper for their final examination and just happened to have access to an EPYC CPU. Not everything needs to be a big conspiracy by Intel. Of course they are going to publish it because applied IT-security is now a normal field of research and Fraunhofer AISEC is their "Institute for Applied and Integrated Security". They have to write papers and publish them, that's basically what they do all day.

I don't know their protocol on how they inform these companies, though. Maybe some contact already took place and AMD just didn't bother to release it themselves. But I'm guessing a state funded research institute will probably have some protocol like that in place.

Aquinus · May 28, 2018

btarunr said:
the researchers were able to use rogue host-level administrator, or malware within a hypervisor, to bypass SEV and copy decrypted information from the guest machine's memory.

Just in, my machine might be compromised if I give away my IP address, the port SSH is running on, my private key, and my password to an account with sudo access. :kookoo:

eidairaman1 · May 28, 2018

Capitan Harlock said:
This kind of move without inform whoever is the company of the product is so lame .
Is like discovering a bad batch of tomatoes and instead of inform the seller you go to the press and saying stuff .
This don't make any sense .
Amd should take them to court because is not right at all .
Makes me wonder if someone is a shill there.

Slander and libel on this.

Patriot · May 28, 2018

dwade said:
The damage control team is already doing work.

*the group requiring honest reporting, This bullshit is published and ignores the actual issues.

Another side channel attack that is legitimate and effects Intel, AMD and ARM
“Speculative Store Bypass”
https://www.theverge.com/2018/5/21/...nerability-speculative-store-bypass-variant-4

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://www.amd.com/en/corporate/security-updates

DeathtoGnomes · May 28, 2018

ahhh more BS that requires administrator access.

Foobario · May 28, 2018

silentbogo said:
There's one more thing that looks suspicious.
Their paper is pretty much a slightly modified copycat of this one, published by members of Tangram Technologies from Shanghai back in December.

https://arxiv.org/ftp/arxiv/papers/1712/1712.05090.pdf

Their team lead, ZhaoHui Du, is very notable for being an Intel researcher and software engineer for almost 18 years. It's not a red flag by any means, but considering that Tangram was founded in 2017, it raises some concerns and suspicions.

Seems Intel has been funding a lot of research projects since the release of Zen. This is the second that has gained attraction in the internet media space.

I will become concerned when some of their poking and prodding of Ryzen/Epyc results in a weakness that doesn't require the perpetrator to have total access to the system they are trying to attack.

Next funded Intel hit piece will suggest that server farms using Epyc are susceptible to power outages should someone with a ladder and dynamite gain access to the transformer leading to the data center. And, of course, a desire to blow up the transformer.

Of course, this Epyc vulnerability will also require an inside man that can disable the backup power source within the data center.

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	ASUS ROG Strix B450-E Gaming
Cooling	DeepCool Gammax L240 V2
Memory	2x 8GB G.Skill Sniper X
Video Card(s)	Palit GeForce RTX 2080 SUPER GameRock
Storage	Western Digital Black NVMe 512GB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	Firelance.
Processor	Threadripper 3960X
Motherboard	ROG Strix TRX40-E Gaming
Cooling	IceGem 360 + 6x Arctic Cooling P12
Memory	8x 16GB Patriot Viper DDR4-3200 CL16
Video Card(s)	MSI GeForce RTX 4060 Ti Ventus 2X OC
Storage	2TB WD SN850X (boot), 4TB Crucial P3 (data)
Display(s)	3x AOC Q32E2N (32" 2560x1440 75Hz)
Case	Enthoo Pro II Server Edition (Closed Panel) + 6 fans
Power Supply	Fractal Design Ion+ 2 Platinum 760W
Mouse	Logitech G602
Keyboard	Razer Pro Type Ultra
Software	Windows 10 Professional x64

System Name	[H]arbringer
Processor	4x 61XX ES @3.5Ghz (48cores)
Motherboard	SM GL
Cooling	3x xspc rx360, rx240, 4x DT G34 snipers, D5 pump.
Memory	16x gskill DDR3 1600 cas6 2gb
Video Card(s)	blah bigadv folder no gfx needed
Storage	32GB Sammy SSD
Display(s)	headless
Case	Xigmatek Elysium (whats left of it)
Audio Device(s)	yawn
Power Supply	Antec 1200w HCP
Software	Ubuntu 10.10
Benchmark Scores	http://valid.canardpc.com/show_oc.php?id=1780855 http://www.hwbot.org/submission/2158678 http://ww

Processor	OCed 5800X3D
Motherboard	Asucks C6H
Cooling	Air
Memory	32GB
Video Card(s)	OCed 6800XT
Storage	NVMees
Display(s)	32" Dull curved 1440
Case	Freebie glass idk
Audio Device(s)	Sennheiser
Power Supply	Don't even remember

System Name	3950X Workstation
Processor	AMD Ryzen 9 3950X
Motherboard	ASUS Crosshair VIII Impact
Cooling	Cryorig C1 with Noctua NF-A12x15
Memory	G.Skill F4-3600C16D-32GTZNC
Video Card(s)	ASUS GTX 1650 LP OC
Storage	2 x Corsair MP510 1920GB M.2 SSD
Case	Realan E-i7
Power Supply	G-Unique 400W
Software	Win 10 Pro
Benchmark Scores	https://smallformfactor.net/forum/threads/the-saga-of-the-little-gem-continues.12877/

AMD EPYC Secure Encrypted Virtualization Not So Secure: Researchers

btarunr

Editor & Senior Moderator

Assimilator

RejZoR

Patriot

jango_k

New Member

Space Lynx

Astronaut

TheGuruStud

theGryphon

R0H1T

progste

dwade

techy1

silentbogo

Moderator

john_

jigar2speed

Totally

Capitan Harlock

ghazi

Imsochobo

PowerPC

Aquinus

Resident Wat-man

eidairaman1

The Exiled Airman

Patriot

DeathtoGnomes

Foobario

System Name	Off-Brand PC System
Processor	2990WX
Motherboard	X399
Cooling	Wraithripper
Video Card(s)	Vega 64
Benchmark Scores	Less than Intel and Nvidia

System Name	gamingPZ
Processor	i7-6700k
Motherboard	Asrock Z170M Pro4S
Cooling	scythe mugen4
Memory	32GB ddr4 2400mhz crucial ballistix sport lt
Video Card(s)	gigabyte GTX 1070 ti
Storage	ssd - crucial MX500 1TB
Case	silverstone sugo sg10
Power Supply	Evga G2 650w
Software	win10

System Name	WS#1337
Processor	Ryzen 7 3800X
Motherboard	ASUS X570-PLUS TUF Gaming
Cooling	Xigmatek Scylla 240mm AIO
Memory	4x8GB Samsung DDR4 ECC UDIMM
Video Card(s)	MSI RTX 3070 Gaming X Trio
Storage	ADATA Legend 2TB + ADATA SX8200 Pro 1TB
Display(s)	Samsung U24E590D (4K/UHD)
Case	ghetto CM Cosmos RC-1000
Audio Device(s)	ALC1220
Power Supply	SeaSonic SSR-550FX (80+ GOLD)
Mouse	Logitech G603
Keyboard	Modecom Volcano Blade (Kailh choc LP)
VR HMD	Google dreamview headset(aka fancy cardboard)
Software	Windows 11, Ubuntu 24.04 LTS

System Name	3 desktop systems: Gaming / Internet / HTPC
Processor	Ryzen 5 5500 / Ryzen 5 4600G / FX 6300 (12 years latter got to see how bad Bulldozer is)
Motherboard	MSI X470 Gaming Plus Max (1) / MSI X470 Gaming Plus Max (2) / Gigabyte GA-990XA-UD3
Cooling	Νoctua U12S / Segotep T4 / Snowman M-T6
Memory	32GB - 16GB G.Skill RIPJAWS 3600+16GB G.Skill Aegis 3200 / 16GB JUHOR / 16GB Kingston 2400MHz (DDR3)
Video Card(s)	ASRock RX 6600 + GT 710 (PhysX)/ Vega 7 integrated / Radeon RX 580
Storage	NVMes, ONLY NVMes/ NVMes, SATA Storage / NVMe boot(Clover), SATA storage
Display(s)	Philips 43PUS8857/12 UHD TV (120Hz, HDR, FreeSync Premium) ---- 19'' HP monitor + BlitzWolf BW-V5
Case	Sharkoon Rebel 12 / CoolerMaster Elite 361 / Xigmatek Midguard
Audio Device(s)	onboard
Power Supply	Chieftec 850W / Silver Power 400W / Sharkoon 650W
Mouse	CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Keyboard	CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Software	Windows 10 / Windows 10&Windows 11 / Windows 10

Processor	i5 4670K - @ 4.8GHZ core
Motherboard	MSI Z87 G43
Cooling	Thermalright Ultra-120 *(Modded to fit on this motherboard)
Memory	16GB 2400MHZ
Video Card(s)	HD7970 GHZ edition Sapphire
Storage	Samsung 120GB 850 EVO & 4X 2TB HDD (Seagate)
Display(s)	42" Panasonice LED TV @120Hz
Case	Corsair 200R
Audio Device(s)	Xfi Xtreme Music with Hyper X Core
Power Supply	Cooler Master 700 Watts

System Name	Miami
Processor	Ryzen 3800X
Motherboard	Asus Crosshair VII Formula
Cooling	Ek Velocity/ 2x 280mm Radiators/ Alphacool fullcover
Memory	F4-3600C16Q-32GTZNC
Video Card(s)	XFX 6900 XT Speedster 0
Storage	1TB WD M.2 SSD/ 2TB WD SN750/ 4TB WD Black HDD
Display(s)	DELL AW3420DW / HP ZR24w
Case	Lian Li O11 Dynamic XL
Audio Device(s)	EVGA Nu Audio
Power Supply	Seasonic Prime Gold 1000W+750W
Mouse	Corsair Scimitar/Glorious Model O-
Keyboard	Corsair K95 Platinum
Software	Windows 10 Pro

System Name	Xeon build X58 / Main Rig X79
Processor	Intel Xeon x5650 @ 4.2Ghz with HT / Xeon E5 1680 v2 @4.5Ghz
Motherboard	Asus Rampage II Extreme socket 1366 / Asus P9X79 Pro socket 2011
Cooling	Thermalright Archon +Ty 140mm\|Fans : 2 front-1top-1rear-1bottom/ Gelid Phantom Twin Tower
Memory	16gb DDR3 1600mhz Kingstone Hyper x Quad Channel / 16gb DDR3 1600MHZ Patriot Viper 3
Video Card(s)	Sapphire hd 7950 3gb Boost edition dual fan X / ZOTAC 1080 Ti Blower Edition
Storage	INTENSO ssd sata 3 240gb+Seagate B 2Tb+WD g 1tb+WD g 3tb+WD r 3tb+Seagate B 4tb+Lexar 2Tb NVMe
Display(s)	AOC E2460S 24" 1080p 60hz 1ms / LG 32UK550B 32" UHD 4K HDR 10 with Freesync
Case	Enermax Phoenix / Fractal Design Arc midi soon Silverstone Raven rv01 when i get some stuff
Audio Device(s)	SoundMaxHD+5.1 BHT1100 BLUESKY,Fiio E10 Olympus+SuperluxHD668b+KZ HBB pr2,Superlux E205.
Power Supply	Sharkoon WPM Gold Zero 650W semi modular / Corsair RM 850 Fully Modular
Mouse	Generic Mice / Corsair M90
Keyboard	Generic Keyboard / Microsoft WK600
Software	Windows 10 Pro 64 /Windows 10 Pro 64

Processor	R9 5800x3d \| R7 3900X \| 4800H \| 2x Xeon gold 6142
Motherboard	Asrock X570M \| AB350M Pro 4 \| Asus Tuf A15
Cooling	Air \| Air \| duh laptop
Memory	64gb G.skill SniperX @3600 CL16 \| 128gb \| 32GB \| 192gb
Video Card(s)	RTX 4080 \|Quadro P5000 \| RTX2060M
Storage	Many drives
Display(s)	AW3423dwf.
Case	Jonsbo D41
Power Supply	Corsair RM850x
Mouse	g502 Lightspeed
Keyboard	G913 tkl
Software	win11, proxmox

System Name	Apollo
Processor	Intel Core i9 9880H
Motherboard	Some proprietary Apple thing.
Memory	64GB DDR4-2667
Video Card(s)	AMD Radeon Pro 5600M, 8GB HBM2
Storage	1TB Apple NVMe, 4TB External
Display(s)	Laptop @ 3072x1920 + 2x LG 5k Ultrafine TB3 displays
Case	MacBook Pro (16", 2019)
Audio Device(s)	AirPods Pro, Sennheiser HD 380s w/ FIIO Alpen 2, or Logitech 2.1 Speakers
Power Supply	96w Power Adapter
Mouse	Logitech MX Master 3
Keyboard	Logitech G915, GL Clicky
Software	MacOS 12.1

System Name	PCGOD
Processor	AMD FX 8350@ 5.0GHz
Motherboard	Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling	Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory	16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s)	AMD Radeon 290 Sapphire Vapor-X
Storage	Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s)	NEC Multisync LCD 1700V (Display Port Adapter)
Case	AeroCool Xpredator Evil Blue Edition
Audio Device(s)	Creative Labs Sound Blaster ZxR
Power Supply	Seasonic 1250 XM2 Series (XP3)
Mouse	Roccat Kone XTD
Keyboard	Roccat Ryos MK Pro
Software	Windows 7 Pro 64

System Name	Dumbass
Processor	AMD Ryzen 7800X3D
Motherboard	ASUS TUF gaming B650
Cooling	Artic Liquid Freezer 2 - 420mm
Memory	G.Skill Sniper 32gb DDR5 6000
Video Card(s)	GreenTeam 4070 ti super 16gb
Storage	Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s)	1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case	Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s)	onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply	Corsair HX1000i
Mouse	Steeseries Esports Wireless
Keyboard	Corsair K100
Software	windows 10 H
Benchmark Scores	https://i.imgur.com/aoz3vWY.jpg?2