|
|
|
|
|
|
by caf
3086 days ago
|
|
|
wouldn't it be possible to mitigate it by locking the kernel to one CPU core, and run user processes on the other cores? That would be a much, much more invasive architectural change - and it would perform much worse than the page table isolation fixes. Also, if this bug lets the kernel leak data to user processes, would it also not be the case that different processes would leak data to each other? No. The problem is with pages that are mapped, but (supposed to be) inaccessible from your current privilege level. The user mappings of other processes aren't in your page tables at all. |
|
|