Right, this is why I said except v1 style.
Replying to @RichFelker @Koral_001
Presumably process could provide a HT ok flag, or disable it when call to mprotect or namespace or something? Hmmm...
Replying to @landley @Koral_001
Running tasks sharing same vm space on both HT threads is no loss in protection if you only flush cache at vm context switch, but doesn't allow you to protect kernel memory from the user task.
Replying to @RichFelker @Koral_001
So you'd need to halt the other thread in the pair when either entered the kernel.
Replying to @landley @Koral_001
Yeah. You could do it with IPIs but then you're just going to make syscall entry/exit even more expensive...
Replying to @RichFelker @Koral_001
Except IPI between HT should be trivial?
Replying to @landley @Koral_001
Not any more so than cross-core. The whole pipeline has to be flushed, the hardware and software sides of exception handling have to run, ...
Replying to @RichFelker @Koral_001
An interrupt vector whose handler is the HLT instruction seems cheap enough for a quick stop. Resuming's slightly fiddlier...
Replying to @landley @Koral_001
If you do that I don't think it's resumable. You would rather spin on a variable "while(sibling core is in kernel)" then ret-to-user. You also need to multiplex IPI with other kernel use of it, which brings in nontrivial kernel surface.
Replying to @RichFelker @Koral_001
And somebody would signal() the HT while the other thing was in kernel and run exploit code in the handler... Needs HW support.
-
No, signals can't interrupt kernelspace except voluntarily via EINTR/restart. They're handled on return from kernel to user.