Hi,

On Thu, 04 Jan 2018 16:01:51 +0100 Dag-Erling Smørgrav <[email protected]> wrote:

> Erich Dollansky <[email protected]> writes:
> > Intel used segments to separate things everybody hated.
>
> Everybody hated segment-level memory protection, but the i386 also

good that hate is meanwhile illegal.

> introduced page-level memory protection, which was widely used and has
> since been expanded to provide features that were never available at
> the segment level.

Yes, but instead of combining both, the segment registers were set to point to the same memory locations disabling the additional protection given by the segments.

>
> > Intel introduced later the rings, everybody ignored.
>
> Not at all. They just don't use all four. Unless you start looking
> at hardware virtualization extensions, which introduce additional
> protection levels.

It was just abusing them to replace the supervisor flag other processors have or have had.

>
> > Instead of keeping the things separated - as suggested by Intel's
> > design - people used shortcuts whenever possible.
>
> This is irrelevant. We are talking about timing-based side-channel
> attacks. The attacker is not able to access protected memory
> directly, but is able to deduce its contents by repeatedly performing
> illegal memory accesses and then checking how they affect the cache.

Directly yes, not if the kernel memory would be always in a different segment. It would land then in cache only when memory near segment bounds are accessed. Which could be easily avoided.

Anyway, we cannot turn the clock back now. I just wanted to mention that Intel has had different thoughts those days. I am not even sure if Intel engineers remember this.

Erich
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
