21 Aug
2017
21 Aug
'17
12:14 a.m.
In this paper, we reverse engineer the microcode semantics and inner workings of its update mechanism of conventional COTS CPUs on the example of AMD’s K8 and K10 microarchitectures.
Still wondering what was engineering reasons for these families behind such a practice as non-verified microcode updates. Also these families had very interesting uop-update behavior that could be called 'mu-ops cache', where under certain conditions malicious micro-ops could be cached forever, even if the 'good' update has been loaded afterwards.