This repo is now superseded by https://github.com/sev-step/sev-step
This repository contains code to perform controlled channel attacks against AMD SEV. You can use it, to iteratively step through a VM's execution with page fault granularity. In addition, it can report the retired instructions between page faults and allows to easily access the VMs memory.
This was developed as part of the research paper "A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP". The repo with all code for the paper is here. Among other things, it contains multiple helper applications that use this library,
- Apply the patch
linux-kernel-modifications.patchagainst the AMD SEV-SNP Linux kernel repo branchsev-snp-part2-rfc4at commitc1f51e5d9156252cb296630323a7a5608c20edfd - Build the kernel (e.g. using the
my-make-kernel.shscript from the patch - Install the kernel on the host
The kernel patch currently only supports one running VM with one vCPU.
To setup a SEV VM, you can follow the descriptions in the AMD repo.
To avoid version incompatibilities, use the same kernel version as here,
the qemu branch sev-snp-devel and the ovmf branch sev-snp-rfc-5
(see stable-commits file in AMD repo).
However, this library also works against a plain VM, without any SEV
specific Kernel, Qemu or OVMF version
You need to disable transpartent hugepages for the page granular tracking to work correctly. This
can be done e.g. via echo "never" | sudo tee /sys/kernel/mm/transparent_hugepage/enabled
The kernel patch, exposes an ioctl based API that can be used by
any userspace application. The file c_definitions.h contains
the definition of the ioctls and argument structs as well as
documentation on how to use them.
The go code in this repo is just a wrapper around this ioctl api. This simply exists because I was more comfortable to build the (lengthy) attack tools used in the paper in Go instead of C.
The Kernel part will print some status information to dmesg which can be helpful for debugging.