In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of $\geq$ 99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4).