|
|
|
|
|
|
by Sirened
1369 days ago
|
|
|
Not if you care about side channels. There really aren't any good solutions here that let you safely run untrusted code in a shared address space. Yes, you can slap barriers behind every single branch and after every single store (memory ordering violations can cause mispeculations in straight line code!), but that's going to come with an enormous performance cost (academics regularly brag about inventing new mitigations with ""only"" a 20% performance overhead lmao). The only option we've really found is to make interesting secrets inaccessible (site isolation in Chrome, for example). Trying to shove all user applications into a flat address space would mean giving any application the ability to read arbitrary memory, which is not great. |
|
|