Announcement

Collapse
No announcement yet.

Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Milan Kerslager
    replied
    They mean to have fixed physical address (for kernel, process/KVM), not virtual. In normal conditions, when memory space is requested, kernel/process gets random pool of memory which used to be a part of another process in the past and this is a problem as it may contain sensitive information.

    Leave a comment:


  • Michael
    replied
    Originally posted by tildearrow View Post
    Has this been done by Windows already? (if I remember correctly on 32-bit Windows maps 0x00000000 to 0x7fffffff to user-space and 0x80000000 to 0xffffffff to kernel space)
    This is about even isolating different areas of the kernel, e.g. KVM.

    Leave a comment:


  • tildearrow
    replied
    Has this been done by Windows already? (if I remember correctly on 32-bit Windows maps 0x00000000 to 0x7fffffff to user-space and 0x80000000 to 0xffffffff to kernel space)

    Leave a comment:


  • Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

    Phoronix: Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

    Kernel Address Space Isolation is an experimental feature in development by Oracle in aiming to prevent leaking sensitive data from Intel Hyper Threading due to speculative execution attacks like L1TF...

    http://www.phoronix.com/scan.php?pag...pace-Isolation
Working...
X