by mtanski
3089 days ago
This rant/thread is good reading as well: https://lkml.org/lkml/2018/1/3/797 It's possible to key the cache in the kernel on CPL so at least there should be no user / kernel space scooping of cache lines. It's possible we can never fully prevent all attacks in the same address space. So certain types of applications (JIT and sandboxes) might forever be a cat and mouse game since we're unlikely to give up on branch prediction.