This is a demonstration of the Meltdown attack, primarily intended for FreeBSD systems.
The code should build and run on most BSD and Linux flavors, on both i386 and amd64 systems. However, the Makefile assumes that you are building on a FreeBSD system, i386 support is only partially implemented, and functionality on non-FreeBSD systems is limited: mdattack
's self-test mode should work, and an actual attack on a carefully selected target may work, but mdcheck
will not. Patches to address these issues are more than welcome.
The mdcheck
tool attempts to determine if your system is vulnerable. The exact method varies from one platform to another. The result is indicated by the exit code: 0 for complete success, 1 for partial success (mostly seen in virtual machines) and 2 for complete failure.
The mdattack
tool performs a Meltdown attack on a designated target specified as a virtual address and a length and prints the result.
TBW
Feel free to clone this repo and submit pull requests. Patches must comply with the FreeBSD style guide.
If these tools do not perform as expected on a supported and presumed-vulnerable system, and you do not have the time and / or experience to track the problem down yourself, please consider providing me with an unprivileged account on said system.
These tools were developed by Dag-Erling Smørgrav for the FreeBSD project with support from the University of Oslo, and published under a three-clause BSD license. See the LICENSE file for further details.