lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8ac54f52-5bf0-bf6c-2473-7f0cf2a1a957@intel.com>
Date:   Tue, 10 Jan 2023 14:57:17 -0800
From:   Dave Hansen <dave.hansen@...el.com>
To:     Yian Chen <yian.chen@...el.com>, linux-kernel@...r.kernel.org,
        x86@...nel.org, Andy Lutomirski <luto@...nel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Tony Luck <tony.luck@...el.com>,
        Sohil Mehta <sohil.mehta@...el.com>,
        Paul Lai <paul.c.lai@...el.com>
Subject: Re: [PATCH 0/7] Enable LASS (Linear Address space Separation)

On 1/9/23 21:51, Yian Chen wrote:
> LASS (Linear Address Space Separation) is a security
> extension that prevents speculative address accesses across 
> user/kernel mode. The LASS details have been published in
> Chapter 11 in 
> https://cdrdv2.intel.com/v1/dl/getContent/671368
> 
> LASS works in 64-bit mode only and partitions the 64-bit
> virtual address space into two halves:
>     1. Lower half (LA[63]=0) --> user space
>     2. Upper half (LA[63]=1) --> kernel space
> When LASS is enabled, a general protection #GP(0) fault will
> be generated if software accesses the address from the half in
> which it resides to another half, e.g., either from user space
> to upper half, or from kernel space to lower half. This
> protection applies to data access, code execution, cache line
> flushing instructions.

This does a good job of explaining the nuts and bolts -- *what* LASS
does.  It does a less good job of explaining why this was built, how it
can benefit end users and who cares about it.

LASS seemed really cool when we were reeling from Meltdown.  It would
*obviously* have been a godsend five years ago.  But, it's less clear
what role it plays today and how important it is.

Could you enlighten us, please?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ