03 January 2018

Forcefully Unmap Complete Kernel With Interrupt Trampolines

Yes, Apple crippled older phones, and Intel said, "Here, hold my beer."

Basically the error can allow low level programs to take over the kernel, with a result kind of like that scene in Raiders of the Lost Ark when they open up the ark.

There is a fix, but it involves changes to the operating system that causes a significant performance hit, and Linux developers were unamused:
2) Namespace

   Several people including Linus requested to change the KAISER name.

   We came up with a list of technically correct acronyms:

     User Address Space Separation, prefix uass_

     Forcefully Unmap Complete Kernel With Interrupt Trampolines, prefix f%$#wit_

   but we are politically correct people so we settled for

    Kernel Page Table Isolation, prefix kpti_

   Linus, your call :))
As near as I can figure out, Intel's claim that this is, "Not a bug," and this appears to be true.

This appears to be a direct consequence of their attempt to boost processor performance in their competition with AMD, which appears not to be vulnerable to the "KPTI" bug, also called "Meldtown".

However, it does appear that speculative execution in general creates a whole host of potential (though thankfully more difficult) exploits across a much wider range of processors. (This one is called Spectre).

I'm beginning to think that it is time for a major change in CPU architectures.


Post a Comment