Probably it does not. The prefetch side-channel attack also did not bypass it: https://gruss.cc/files/prefetch.pdf …
And since then we performed more tests. I would be somewhat optimistic that segment limits work against #Meltdown.
Replying to @lavados
In that paper, you dismiss use of segment limits in 64-bit mode because "the CPU can ignore these values at runtime and does not have to perform runtime range checks for memory accesses" - yet it'd be sufficient if they work on specific vulnerable CPUs, so maybe revisit this?
Replying to @solardiz
segment limits don't work in 64-bit mode for CS and DS, also ES iirc, but FS and GS can have limits (which is convenient for small TLS segments). but if you use 32 bit segments on a 64-bit OS, prefetch and also #meltdown probably won't work from that process anymore.
Replying to @lavados
Oh. Would that be a reason to revisit x32, then? The performance advantage of x32 over x86_64 would suddenly become greater than it was before, right?
Replying to @solardiz
yes, but at the same time you would limit processes to a comparably small address space. I fear we already got too used to the vast space of 48bit virtual addresses.
Replying to @lavados
Sure. Is x32 as currently implemented in the Linux kernel safe from Meltdown or are minor changes needed (propose them on LKML if so)?
x32 isn't architecturally different from x86-64 AFAIK? just a different syscall convention?
and differences in what you can do with segments. and if you're not using a long mode segment you can't use long mode operations -> you can't have pointers that point anywhere above 2^32.
but the point of x32 is that you do have 64-bit mode, so that you can use R8-R15 and other features of 64-bit mode. x32 uses 32-bit pointers in its calling convention, but it's not architecturally compatibility mode
Sure. I really do mean x32 here. With Meltdown, it just became more attractive: I guess just restrict modify_ldt() from x32 personality processes and we've defeated Meltdown for them, without KPTI. And those can co-exist with slower x86_64 processes with KPTI for full 64-bitness.
how would that work? x32 is architecturally still x86_64, and AFAIK the CPU will silently ignore any segment limits you try to set on e.g. CS or DS in that mode
you would have to go for compatibility mode
and use a second GDT, or something like that, because on normal Linux, any 32-bit process can just IRET to 64-bit mode - there is a 64-bit user code segment in the GDT, and ring 3 can switch to any ring 3 code segment