Subject : Re: Another security vulnerability
From : mitchalsup (at) *nospam* aol.com (MitchAlsup1)
Groups : comp.arch
Date : 24. Mar 2024, 19:20:06
Other headers
Organization : Rocksolid Light
Message-ID : <589c076598e37c2339473f8ddb8718eb@www.novabbs.org>
References : 1
User-Agent : Rocksolid Light
Stephen Fuld wrote:
> https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/
> So, is there a way to fix this while maintaining the feature's performance advantage?
They COULD start by not putting prefetched data into the cache until
after the predicting instruction retires. {{I have a note from about
20 months ago where this feature was publicized and the note indicates
a potential side-channel.}}
An alternative is to notice that [*]cryption instructions are
being processed and turn DMP off during those intervals of time.
{Or both}.
Principle:: an Architecturally visible unit of data can only become
visible after the causing instruction retires. A high precision timer
makes cache line [dis]placement visible; so either take away the HPT
or don't alter cache visible state too early.
And we are off to the races, again.....
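
A toy model of the first suggestion in the post above, added here as an illustration and not part of the original message: prefetched lines wait in a staging buffer and reach the cache only when the causing instruction retires. The `Core` class, `observe` helper, cache size and addresses are all hypothetical and constructed for the example; cache membership stands in for what a high precision timer would reveal.

```python
from collections import OrderedDict

class Core:
    """Toy core: one fully associative LRU cache plus a staging buffer for prefetches."""

    def __init__(self, ways, defer_fill):
        self.ways = ways
        self.defer_fill = defer_fill      # True = fill the cache only at retire
        self.cache = OrderedDict()        # line address -> None, oldest first
        self.staged = {}                  # instruction id -> prefetched lines

    def _fill(self, line):
        self.cache[line] = None
        self.cache.move_to_end(line)
        while len(self.cache) > self.ways:
            self.cache.popitem(last=False)  # displace the least recently used line

    def access(self, line):
        self._fill(line)                  # demand access by a retired load

    def prefetch(self, instr, line):
        if self.defer_fill:
            self.staged.setdefault(instr, []).append(line)
        else:
            self._fill(line)              # eager: cache state changes before retire

    def retire(self, instr):
        for line in self.staged.pop(instr, []):
            self._fill(line)              # only now does cache state change

    def squash(self, instr):
        self.staged.pop(instr, None)      # staged lines vanish without a trace


def observe(defer_fill, outcome):
    """Return the primed lines an observer finds displaced after one prefetch."""
    core = Core(ways=4, defer_fill=defer_fill)
    primed = [0x100, 0x140, 0x180, 0x1C0]  # constructed addresses
    for line in primed:
        core.access(line)
    core.prefetch(instr=1, line=0x900)     # prefetch caused by instruction 1
    getattr(core, outcome)(1)              # outcome is "retire" or "squash"
    return [hex(l) for l in primed if l not in core.cache]
```

With eager fill, a squashed instruction still displaces a primed line; with deferred fill it leaves no trace, while a retired instruction gets its prefetch under either policy.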