Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

Milan Kerslager replied

11 July 2019, 11:36 PM
They mean to have fixed physical address (for kernel, process/KVM), not virtual. In normal conditions, when memory space is requested, kernel/process gets random pool of memory which used to be a part of another process in the past and this is a problem as it may contain sensitive information.
2 likes
Leave a comment:
Michael replied

11 July 2019, 09:44 PM
Originally posted by tildearrow View Post

Has this been done by Windows already? (if I remember correctly on 32-bit Windows maps 0x00000000 to 0x7fffffff to user-space and 0x80000000 to 0xffffffff to kernel space)

This is about even isolating different areas of the kernel, e.g. KVM.
2 likes
Leave a comment:
tildearrow replied

11 July 2019, 09:32 PM
Has this been done by Windows already? (if I remember correctly on 32-bit Windows maps 0x00000000 to 0x7fffffff to user-space and 0x80000000 to 0xffffffff to kernel space)
Leave a comment:
phoronix started a topic Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

11 July 2019, 09:20 PM
Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

Phoronix: Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

Kernel Address Space Isolation is an experimental feature in development by Oracle in aiming to prevent leaking sensitive data from Intel Hyper Threading due to speculative execution attacks like L1TF...

http://www.phoronix.com/scan.php?pag...pace-Isolation
Tags: None

Announcement

Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

Leave a comment:

Leave a comment:

Leave a comment:

Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks