[Info-vax] Intel junk...Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

Doomsdrzej dre at do.om
Fri Jan 5 18:57:45 EST 2018


On Fri, 05 Jan 2018 23:01:39 GMT, Pabst Blue Ribbon
<pabst at blue.ribbon> wrote:

>Alan Browne <bitbucket at blackhole.com> wrote:
>> On 2018-01-05 09:15, DaveFroble wrote:
>>> Jan-Erik Soderholm wrote:
>> 
>>>> Because the designers, for performance reasons, have mapped kernel memory
>>>> into the user process address space and rely on the OS to check
>>>> protection before any kernel memory (or code) is accessed.
>>>> 
>>>> The issue with the current issues is that the hardware (the CPU) does
>>>> these accesses in hardware "under the hood" without control by the OS.
>>>> 
>>>> If you map your kernel memory in another way that uses the hardware
>>>> protection facilities, you are (as I understand) safe, at the cost
>>>> of worse performance to switch between user and kernel mode.
>>>> 
>>>> 
>>> 
>>> As I wrote, someone dropped the ball on this one.
>>> 
>>> Speculative execution is part of the HW, not software.  It appears the 
>>> HW doesn't follow its own rules.  Or, perhaps I don't actually 
>>> understand the problem?
>> 
>> At least as well as I do.  These are very complex mechanisms and 
>> complexity is usually where you're most likely to get problems.
>> 
>> In this case the h/w implementation didn't reflect the design goal.
>> 
>> This means Intel had very poor design review and abysmal testing of 
>> security features.
>
>I doubt it. Yes, it's an assumption but I think Intel was aware and gave OK to
>flawed design because of performance/cost.

The most popular theory is that Intel not only left it in there but
actually put the flaw in there to facilitate spying by the NSA. There
was even anonymous testimony by an Intel employee that explained it as
being used for that purpose and that the company was aware of the
issue for years.


