Deutsch English Français Italiano |
<2024Mar26.173626@mips.complang.tuwien.ac.at> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: anton@mips.complang.tuwien.ac.at (Anton Ertl) Newsgroups: comp.arch Subject: Re: Another security vulnerability Date: Tue, 26 Mar 2024 16:36:26 GMT Organization: Institut fuer Computersprachen, Technische Universitaet Wien Lines: 19 Message-ID: <2024Mar26.173626@mips.complang.tuwien.ac.at> References: <utpoi2$b6to$1@dont-email.me> <utr63b$u40q$1@dont-email.me> <2024Mar25.093751@mips.complang.tuwien.ac.at> <8biMN.162475$46Te.1680@fx38.iad> <uttc4e$1elji$2@dont-email.me> <ZIAMN.122729$SyNd.55207@fx33.iad> Injection-Date: Tue, 26 Mar 2024 16:40:24 +0100 (CET) Injection-Info: dont-email.me; posting-host="448288c924380b98e6ec89021008782f"; logging-data="2025169"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+JQQKSG3iJPVLgZToLdmhX" Cancel-Lock: sha1:P6LjppUPtEOCCRb0A2Ctgm0dLgk= X-newsreader: xrn 10.11 Bytes: 1875 scott@slp53.sl.home (Scott Lurndal) writes: >Lawrence D'Oliveiro <ldo@nz.invalid> writes: >>On Mon, 25 Mar 2024 17:07:16 GMT, Scott Lurndal wrote: >> >>> Run it in non-cacheable memory. Slow but safe. .... >Running the crypto algorithms (when not offloaded to >on-chip accelerators) using non-cacheable memory as a workaround >until the hardware issues are ameliorated doesn't imply that >all other code needs to run non-cachable. Then your crypto code is slow and unsafe. The attacker will use the rest of the application to extract the crypto keys, whether through the cache side-channel of Spectre, or a prefetcher-based side channel. - anton -- 'Anyone trying for "industrial quality" ISA should avoid undefined behavior.' Mitch Alsup, <c17fcd89-f024-40e7-a594-88a85ac10d20o@googlegroups.com>