[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Intel CPU bug forcing page table switch during syscalls?



Hi!

It looks like there's Intel CPU bug, allowing prefetch from kernel
memory. It seems to be reason KASLR patches are pushed so fast to Linux.

https://mobile.twitter.com/brainsmoke/status/948561799875502080/photo/1
https://forums.freebsd.org/threads/63955/page-2#post-371276

Hmm.

Does that mean we can do

   u16 *peek_addr = <somewhere into kernel>;
   char cacheline1[64];
   char cacheline2[64];

   wbinvd();

   if (*peek_addr == 0x1234)
      (volatile char *) cacheline1[0];
   else
      (volatile char *) cacheline2[0];

Thread will certainly die to SIGSEGV here, but from other thread we
should be able to tell if cacheline1 or cacheline2 is in cache... and
therefore read unreadable memory....?

									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Attachment: signature.asc
Description: Digital signature