Right, and that's why injecting barriers isn't a real long-term solution. The real solution is to have CPU speculation never have side effects, which could be done by having speculation not impact shared resources like caches and branch history tables.
Yes. I think this means disabling speculative fetch (L1 cache miss) for non-retired address operands is necessary for a fix. Sufficient?
That seems sufficient. The branch ought to have been taken at retire.
Actually I worry it's not sufficient with some branch prediction especially indirect...
Think case where CPU predicts call to function taking ptr but you're really calling function with integer arg under attacker control.
Disappointing, but my guess is that you just have to disable all speculative fetch. At least all future CPUs should give an MSR to do that for users who need a strong guarantee or don't care about perf loss under heavy L1 misses.