Intel hardware bug

Dag-Erling Smørgrav des at des.no
Thu Jan 4 15:03:25 UTC 2018


Erich Dollansky <freebsd.ed.lists at sumeritec.com> writes:
> Intel used segments to separate things everybody hated.

Everybody hated segment-level memory protection, but the i386 also
introduced page-level memory protection, which was widely used and has
since been expanded to provide features that were never available at the
segment level.

> Intel introduced later the rings, everybody ignored.

Not at all.  They just don't use all four.  Unless you start looking at
hardware virtualization extensions, which introduce additional
protection levels.

> Instead of keeping the things separated - as suggested by Intel's
> design - people used shortcuts whenever possible.

This is irrelevant.  We are talking about timing-based side-channel
attacks.  The attacker is not able to access protected memory directly,
but is able to deduce its contents by repeatedly performing illegal
memory accesses and then checking how they affect the cache.

DES
-- 
Dag-Erling Smørgrav - des at des.no
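
The mechanism described in the reply above, as a toy model added here and not part of the original message: a simulated cache shows how an access that always faults can still reveal a byte through which line is later fast to read. `ModelCPU`, its `leaves_footprint` switch and the cycle counts are hypothetical names and values for the model; nothing here touches real hardware or real timing.

```python
# Toy model only: a simulated cache, no real hardware, timing or memory protection.
HIT_CYCLES, MISS_CYCLES = 40, 300  # assumed latencies, chosen for the model


class ModelCPU:
    def __init__(self, protected: bytes, leaves_footprint: bool = True):
        self._protected = protected          # memory the caller may not read
        self._leaves_footprint = leaves_footprint
        self._cached = set()                 # probe-array lines currently cached

    def flush(self):
        """Evict every probe-array line."""
        self._cached.clear()

    def illegal_read(self, addr: int):
        """Always faults; no value is ever returned to the caller."""
        if self._leaves_footprint:
            # Modelled flaw: the line indexed by the protected byte is cached
            # before the fault is delivered.
            self._cached.add(self._protected[addr])
        raise PermissionError("protected memory")

    def probe_latency(self, line: int) -> int:
        """Latency of reading one probe-array line; reading also caches it."""
        hit = line in self._cached
        self._cached.add(line)
        return HIT_CYCLES if hit else MISS_CYCLES


def deduce_byte(cpu, addr):
    """Return the byte implied by the single fast line, or None if there is none."""
    cpu.flush()
    try:
        cpu.illegal_read(addr)
    except PermissionError:
        pass  # the direct access fails, as the message says
    latencies = [cpu.probe_latency(line) for line in range(256)]
    fast = [line for line, t in enumerate(latencies) if t == HIT_CYCLES]
    return fast[0] if len(fast) == 1 else None


def deduce(cpu, length):
    return [deduce_byte(cpu, addr) for addr in range(length)]


SECRET = b"constructed sample"  # constructed input for the model
if __name__ == "__main__":
    print(bytes(deduce(ModelCPU(SECRET), len(SECRET))))
    print(deduce(ModelCPU(SECRET, leaves_footprint=False), 4))
```

With `leaves_footprint=False` every probe is a miss and nothing can be deduced, which is the property any fix has to restore.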

