Publication No.: US20190004972A1
Publication Date: 2019-01-03
Application No.: US15637524
Filing Date: 2017-06-29
Applicant: Intel Corporation
Inventor: Uri Bear, Gyora Benedek, Baruch Chaikin, Jacob Jack Doweck, Reuven Elbaum, Dimitry Kloper, Elad Peer, Chaim Shen-orr, Yonatan Shlomovich
IPC: G06F12/14, G06F12/1009
Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.