Announcement

Collapse
No announcement yet.

RISC-V Linux Patches Start On "zisslpcfi" Support For Control-Flow Integrity

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • stormcrow
    replied
    Originally posted by uid313 View Post
    Could the RISC-V instruction set architecture (ISA) be any more secure than x86?
    Or does the security have nothing to do the instruction set architecture and it all depends on if the microarchitecture implements speculative execution?
    It's not either/or. It's both. You have to have a security mindset from the original designs, including the ISA, all the way up to the implementation and associated support hardware, firmware, and software. If any of those are violated for convenience, cost, or performance you get potential or actual security problems. So, everyone has to play ball in good faith. Is it possible to have all factors play nice? Sure! Is it likely in practice? We'll see. RISC-V by itself will not be a security silver bullet, but it will help along the path. The rest requires entire paradigm shifts towards proper software engineering including logic verification, removing low hanging rotten fruit by better tooling and language design, UX design changes. In short, a secure environment won't resemble computing as it is now.

    Leave a comment:


  • ayumu
    replied
    Originally posted by uid313 View Post
    Could the RISC-V instruction set architecture (ISA) be any more secure than x86?
    Or does the security have nothing to do the instruction set architecture and it all depends on if the microarchitecture implements speculative execution?
    The seL4 guys do like, recommend and are involved with RISC-V.

    That's the strongest endorsement it could have.

    And the `fence.t` instruction (refer to latest seL4 summit for details) is effective in closing all timing side channels between processes.

    Leave a comment:


  • colejohnson66
    replied
    Originally posted by uid313 View Post
    Could the RISC-V instruction set architecture (ISA) be any more secure than x86?
    Or does the security have nothing to do the instruction set architecture and it all depends on if the microarchitecture implements speculative execution?
    It's more to do with speculative execution. The architecture can provide instructions and architecture support to assist in prevention, but the only true way to prevent things like Meltdown and the like is to have a strictly in-order processor with no speculative execution. This is because, at it's core, Spectre and Meltdown are based on cache data being prefetched before the instructions retire and privilege checking is performed.

    The real thing RISC-V has that x86 doesn't is a patent-free architecture designed from the beginning for extensibility. Whether it will ever land on desktops remains to be seen.

    Leave a comment:


  • uid313
    replied
    Could the RISC-V instruction set architecture (ISA) be any more secure than x86?
    Or does the security have nothing to do the instruction set architecture and it all depends on if the microarchitecture implements speculative execution?

    Leave a comment:


  • RISC-V Linux Patches Start On "zisslpcfi" Support For Control-Flow Integrity

    Phoronix: RISC-V Linux Patches Start On "zisslpcfi" Support For Control-Flow Integrity

    While there is a lot to love about RISC-V, with the plethora of RISC-V extensions some of the acronyms are hard to digest. The latest example is the Linux kernel patches for "zisslpcfi", which is the RISC-V extension around Control-Flow Integrity (CFI) support for RISC-V processors...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
Working...
X