I am examining ARM-Cortex A8 flow prediction abilities, in order to done this i implemented below code:
char SecretDispatcher[256 * 512]; int counter = 0; //evicting SecretDispatcher from cache ... while(counter < (512 * 9 + 1)) { //evict counter from cache ... if(counter < (512 * 9)) { asm volatile ("LDR %0, [%1]\n\t" : "=r" (value) : "r" (SecretDispatcher + counter) ); } } //measuring access time to SecretDispatcher[9*512], i expect that this memory cell exist in cache but it dosen't
in above code, i will execute if statement with true condition 8-time for training branch predictor of CPU, and in 9th i expect that cpu access to SecretDispatcher[9 * 512] speculatively however the condition is not true. this is just simple spectre-v1 PoC attack and i implemented this attack successfully on intel X86 processor with same logic and i expect that this work also in Cortex-A8 as arm clarified that this processor is vulnerable against this attack.
there is anything that i missing?? there is anything that i should do to enable program flow prediction on ARM-Cortex A8??