Cross-VM and Cross-Processor Covert Channels Exploiting Processor Idle Power Management


Paizhuo Chen, Lei Li, and Zhice Yang, ShanghaiTech University


To achieve power-efficient computing, processors engage idle power management mechanisms to turn on/off idle components according to the dynamics of the workload. A processor's hardware components are classified and managed through the core and the uncore. The uncore is the supporting hardware shared by the cores, hence the decision of turning it on/off depends on the cores' activities. Such dependency implies a covert channel threat in multi-core platforms. Specifically, the power status of the uncore reflects the workload pattern of the active core, and it can be probed by any process running on the processor. This allows the process to infer the workload information of the active core. We show this covert channel can work across processors and violate VM isolation. We validate the channel in in-house testbeds as well as proprietary cloud servers.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {274535,
author = {Paizhuo Chen and Lei Li and Zhice Yang},
title = {{Cross-VM} and {Cross-Processor} Covert Channels Exploiting Processor Idle Power Management},
booktitle = {30th USENIX Security Symposium (USENIX Security 21)},
year = {2021},
isbn = {978-1-939133-24-3},
pages = {733--750},
url = {},
publisher = {USENIX Association},
month = aug

Presentation Video