The TLLTS Podcast ☛ The Linux Link Tech Show Episode 965.

LWN ☛ Stuffing the return stack buffer

“Retbleed” is the name given to a class of speculative-execution vulnerabilities involving return instructions. Mitigations for Retbleed have found their way into the mainline kernel but, as of this writing, some remaining problems have kept them from the stable update releases. Mitigating Retbleed can impede performance severely, especially on some Intel processors. Thomas Gleixner and Peter Zijlstra think they have found a better way that bypasses the existing mitigations and misleads the processor’s speculative-execution mechanisms instead.

If a CPU is to speculate past a return instruction, it must have some idea of where the code will return to. In recent Intel processors, there is a special hidden data structure called the “return stack buffer” (RSB) that caches return addresses for speculation. The RSB can hold 16 entries, so it must drop the oldest entries if a call chain goes deeper than that. As that deep call chain returns, the RSB can underflow. One might think that speculation would just stop at that point but, instead, the CPU resorts to other heuristics, including predicting from the branch history buffer. Alas, techniques for mistraining the branch history buffer are well understood at this point.

As a result, long call chains in the kernel are susceptible to speculative-execution attacks. On Intel processors starting with the Skylake generation, the only way to prevent such attacks is to turn on the indirect branch restricted speculation (IBRS) CPU “feature”, which was added by Intel early in the Spectre era. IBRS works, but it has the unwelcome side effect of reducing performance by as much as 30%. For some reason, users lack enthusiasm for this solution.

LWN ☛ Support for Intel’s Linear Address Masking

A 64-bit pointer can address a lot of memory - far more than just about any application could ever need. As a result, there are bits within that pointer that are not really needed to address memory, and which might be put to other needs. Storing a few bits of metadata within a pointer is a common enough use case that multiple architectures are adding support for it at the hardware level. Intel is no exception; support for its “Linear Address Masking” (LAM) feature has been slowly making its way toward the mainline kernel.

CPUs can support this metadata by simply masking off the relevant bits before dereferencing a pointer.