Observability of cache-state differences for additional kernel TIKTAG gadgets

Ascertain whether the additional potentially exploitable TIKTAG gadgets identified in the Linux kernel can produce a measurable cache-state difference between Memory Tagging Extension (MTE) tag match and mismatch when executed through realistic system call paths, thereby confirming tag leakage and exploitability without kernel code modifications.

Background

Beyond a demonstrated kernel gadget in snd_timer_user_read, the authors manually identified several more potentially exploitable TIKTAG gadgets. However, their experiments did not observe cache-state differences indicative of tag leakage for these additional candidates.

The lack of observable cache-state differences may stem from complex kernel control flows that interfere with speculation shrinkage, or other microarchitectural factors. Determining whether these gadgets can be made to leak tags in unmodified kernels via system calls remains an explicit unresolved question highlighted by the authors.

References

We discovered several more potentially exploitable gadgets, but we were not able to observe the cache state difference between the tag match and mismatch.

TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (2406.08719 - Kim et al., 13 Jun 2024) in Section 6.2.2