| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3DC9BFC2-1ABB-4486-A0E9-51786CF4FB58@zytor.com>
Date: Fri, 20 Jun 2025 15:43:02 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Andrew Cooper <andrew.cooper3@...rix.com>, dave.hansen@...el.com
CC: acme@...hat.com, aik@....com, akpm@...ux-foundation.org,
alexander.shishkin@...ux.intel.com, ardb@...nel.org, ast@...nel.org,
bp@...en8.de, brijesh.singh@....com, changbin.du@...wei.com,
christophe.leroy@...roup.eu, corbet@....net,
daniel.sneddon@...ux.intel.com, dave.hansen@...ux.intel.com,
ebiggers@...gle.com, geert+renesas@...der.be, houtao1@...wei.com,
jgg@...pe.ca, jgross@...e.com, jpoimboe@...nel.org,
kai.huang@...el.com, kees@...nel.org, kirill.shutemov@...ux.intel.com,
leitao@...ian.org, linux-doc@...r.kernel.org,
linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-mm@...ck.org, linux@...musvillemoes.dk, luto@...nel.org,
mcgrof@...nel.org, mhiramat@...nel.org, michael.roth@....com,
mingo@...nel.org, mingo@...hat.com, namhyung@...nel.org,
paulmck@...nel.org, pawan.kumar.gupta@...ux.intel.com,
peterz@...radead.org, rick.p.edgecombe@...el.com, rppt@...nel.org,
sandipan.das@....com, shijie@...amperecomputing.com,
sohil.mehta@...el.com, tglx@...utronix.de, tj@...nel.org,
tony.luck@...el.com, vegard.nossum@...cle.com, x86@...nel.org,
xin3.li@...el.com, xiongwei.song@...driver.com, ytcoode@...il.com
Subject: Re: [PATCHv6 00/16] x86: Enable Linear Address Space Separation support
On June 20, 2025 3:04:53 PM PDT, Andrew Cooper <andrew.cooper3@...rix.com> wrote:
>> Most of the cover letter here reads like an Intel whitepaper. That's not
>> the worst thing in the world, but I think it glosses over one very
>> important point:
>>
>> Had it been available, LASS alone would have mitigated Meltdown.
>>
>> Could we say this up front in a prominent place, please?
>
>I'm going to nitpick. :)
>
>Yes, LASS would have made Meltdown a far less major problem than it was,
>but I don't think that phrasing is fair. As I recall, LASS was
>literally invented as a "what would have been useful?" exercise in the
>wake of Meltdown.
>
>However, a less well known/researched area of Meltdown, which would not
>be addressed by LASS, is the ability to pend stores to read-only memory
>and proceed with the expectation that they'll success.
>
>Other things which would have helped would have been PKS (and this *was*
>asked for ahead of Skylake launching...)
>
>The other important thing about LASS is that it does cut off a whole
>class of sidechannels. This halts definitely-rogue speculation, but is
>useful for non-speculative security too.
>
>~Andrew
To some degree, the best way to describe LASS is "KPTI in hardware." No, it isn't an exact analogy – we don't switch the entire page table structure – but it does make the supervisor page table structure protected from user space *while still in memory*.
It is coarser-grained than software KPTI, but on the other hand the separation is absolute; there is to keep things like the kernel stack, descriptor tables and entry/exit code unprotected.
Powered by blists - more mailing lists