Spectre v1 information disclosure attacks, which exploit CPU conditional branch misprediction, remain unsolved in deployed software. Certain Spectre v1 gadgets can be exploited only by out-of-place mistraining, in which the attacker controls a victim branch's prediction, possibly from another address space, by training a branch that aliases with the victim in the branch predictor unit (BPU) structure. However, constructing a BPU-alias for a victim branch is hard. Consequently, practical out-of-place mistraining attacks use brute-force searches to randomly achieve aliasing. To date, such attacks have been demonstrated only on Intel x86 CPUs.This paper explores the vulnerability of Apple M-Series CPUs to practical out-of-place Spectre v1 mistraining. We show that brute-force out-of-place mistraining fails on the M1. We analytically explain the failure is due to the search space size, assuming (based on Apple patents) that the M1 CPU uses a variant of the TAGE conditional branch predictor. Based on our analysis, we design a new BPU-alias search technique with reduced search space. Our technique requires knowledge of certain M1 BPU parameters and mechanisms, which we reverse engineer. We also use our newfound ability to perform out-of-place Spectre v1 mistraining to test if the M1 CPU implements hardware mitigations against cross-address space out-of-place mistraining -- and find evidence for partial mitigations.
View on arXiv@article{tuby2025_2502.10719,
title={ Reverse Engineering the Apple M1 Conditional Branch Predictor for Out-of-Place Spectre Mistraining },
author={ Adam Tuby and Adam Morrison },
journal={arXiv preprint arXiv:2502.10719},
year={ 2025 }
}