The Apple M-Series GoFetch Attack
An excellent new security analysis of vulnerabilities in M1 and M2 silicon sheds new light on how the "DMP" works on Apple's M1, M2, and M3 chips.
Security researchers from UIUC, UT Austin, Georgia Tech, UW, and Carnegie Mellon published a paper last week announcing a new attack on Apple M-Series silicon. Dubbed “GoFetch”, this new attack is noteworthy not just from a security standpoint, but also from a performance standpoint: in the attack disclosure, the researchers provided the first complete analysis of Apple’s M-Series Data Memory-Dependent Prefetcher (DMP).
If you have the technical knowledge necessary to read and fully understand the original paper, I highly recommend it. However, since many programmers do not have enough microarchitecture knowledge to follow the paper on their own, I recorded this video where I walk through what a “DMP” is, what the researchers figured out about Apple M-Series DMP behavior via microbenchmarking, and how a “GoFetch” DMP-enabled attack works in practice.
If you are already familiar with microarchitecture analysis, and would like some deeper reading on the subject, I would suggest reading the original GoFetch paper and three of its references in particular:
GoFetch: Official site and paper
Augury: Official site and paper
Prime+Probe background: paper
Eviction sets background: paper
As always, if you’re interested in learning more about how CPUs work or how to program them effectively, that’s exactly what we do here at Computer Enhance. In fact, we are in the middle of a series of articles on caches right now! If you’re interested in subscribing, you can see the options here:
Sitting here with my morning coffee and watching this before work is making me so happy right now!
It's invaluable that you spend the time to create such high-quality videos.
Thanks Casey!
- Jorge
Superb explanation!
Even though we are doing optimization here, these nitty-gritty details of hardware and exploits are so fascinating.
Thanks, Casey.