GoFetch security exploit can't be disabled on M1 and M2 Apple chips
For now, cryptographic work should be run on slower Icestorm cores
The GoFetch vulnerability found on Apple M-series and Intel Raptor Lake CPUs has been further unpacked by the researchers who first disclosed it.
GoFetch is a security exploit that takes advantage of data memory-dependent prefetchers (DMPs), not unlike speculative execution vulnerabilities such as Spectre. Essentially, data can be leaked out of a core's cache when DMP is enabled, creating a potential attack vector for hackers.
DMPs are present on all Apple M-series CPUs and Intel's Raptor Lake processors, and the dedicated website for GoFetch now shows how exactly the exploit is carried out. Within minutes (the footage is sped up so it's hard to say exactly how many), 560 bits of data was leaked from an RSA-protected server.
The GoFetch exploit isn't earth-shattering, as it's in a similar vein to Spectre, Meltdown, and other vectors that rely on a CPU's performance-boosting prediction features. Normally, there are software-based patches for chips that have hardware-level exploits, and usually that just involves disabling the speculative feature (and thus decreasing performance), but in the case of M1 and M2 CPUs, researchers say that's not possible.
The researchers address the common question of whether DMP can be disabled, explaining that yes, but only on some processors. "We observe that the DIT bit set on M3 CPUs effectively disables the DMP. This is not the case for the M1 and M2." So, GoFetch can be solved with a software patch for M3 and Raptor Lake CPUs, but not for M1 and M2 chips since DMP will run no matter what.
It's never good when a feature that increases performance has to be disabled because it leaks potentially sensitive data, but not being able to disable that feature at all is even worse. One workaround is to just blind the DMP to sensitive data whenever it's being stored to or loaded from memory, but the GoFetch paper [PDF] says this would require broad code rewrites and performance penalties in some cases.
However, there is one workaround that doesn't require any code rewrites. Like many modern CPUs, Apple's M-series have two types of cores: big Firestorm cores and little Icestorm cores. The DMP-based GoFetch exploit only works on Firestorm cores, including for M1 and M2 CPUs, and the GoFetch paper suggests all cryptographic work should solely be run on the Icestorm cores for the time being. Running anything on the efficiency-focused Icestorm cores is bound to be slower, but at least it should be secure.
- Hardware-level Apple Silicon vulnerability can leak cryptographic keys
- Apple gets in on the AI PC hype, claims fanless M3 MacBook Air is fab for LLMs
- Twilio reminds users Authy Desktop apps die in March '24 – not in August
- iFixit tears Apple's Vision Pro to pieces
Even this approach might not be foolproof though. If Apple comes out with a future M processor with DMP enabled in its efficiency cores, then there's nowhere that code can be run without potentially exposing sensitive data. Of course, given that DMP is not entirely secure, we'd hope that Apple either fixes it, removes it, or finds an alternative feature before making its next generation CPUs even more vulnerable. ®