Detecting Intel VT-x from TLB Miss Latency
2022-02-24 | Tags: #research # virtualizationI read a paper called "Detecting hardware-assisted virtualization with inconspicuous features" to detect hardware virtualization. They propose a prime and probe technique to measure tlb miss latency to detect HV. However I couldn't get some points in the paper and tried to contact with authors for code sharing. But I couldn't get a response and some points in the algorithm was very confusing for me. So I changed the algorithm and build a simple flush & reload based technique to measure tlb miss latency. The main idea is based on extended page tables (EPT) which is a hardware support for virtualization in Intel VT-x.
The concept behind EPT is adding an additional translation unit for virtual machines. So there will be additional page walk when a tlb miss occurs. So hardware virtualization can be detected from additional page walk latency. ,
The approach can be listed like:
- Create a target page
- Fill TLB with random pages
- Flush(target_page[0])
- let tlb_cache_miss = Measure Time(target_page[0])
- Flush(target_page[0])
- let cache_miss = Measure Time(target_page[0])
- return tlb_cache_miss - cache_miss
Source code can be reached from: https://github.com/m8/detect_vtx_fr/blob/master/main.cpp
Creating fake pages
First we need to create a page struct.
struct __attribute__ ((aligned (PAGE_SIZE))) Page { char x [PAGE_SIZE] = {0}; };
After that we should create a target page to measure latencies. We will access this page on detection part.
TARGET_PAGE = new Page();
Also we need to create pages to fill TLB. These pages will help us to invalidate target page's address from TLB.
size_t i = 0;
for (i = 0; i < TLB_SET_SIZE; i++)
{
TLB_SET.push_back(new Page());
}
Detection
The first part of the detection algorithm is flushing target cache line and invalidating TLB. There is an instruction called clflush to flush a cache line from all cache levels, in the flush function we just use it.
flush(&TARGET_PAGE->x[0]);
size_t i = 0;
for (i = 0; i < TLB_SET.size(); i++)
{
access_memory(&TLB_SET[i]->x[128]);
}
After that we will access target cache line and this will create both tlb miss and cache miss.
long cache_tlb_miss = measure_latency(&TARGET_PAGE->x[0]);
After that we will flush this line.
flush(&TARGET_PAGE->x[0]);
And measure the access time again. Now this create only a cache miss since we now the page is in TLB. After we can substract these two value and get TLB miss latency.
long cache_miss = measure_latency(&TARGET_PAGE->x[0]);
return cache_tlb_miss-cache_miss;
Results
x: clock cyle y: samples
This was the end of the blog post. You can reach me via email umusasadik at gmail com