{"id":179557,"date":"2018-01-03T20:58:00","date_gmt":"2018-01-04T01:58:00","guid":{"rendered":"https:\/\/www.panix.com\/~msaroff\/40years\/2018\/01\/03\/forcefully-unmap-complete-kernel-with-interrupt-trampolines\/"},"modified":"2018-01-03T20:58:00","modified_gmt":"2018-01-04T01:58:00","slug":"forcefully-unmap-complete-kernel-with-interrupt-trampolines","status":"publish","type":"post","link":"https:\/\/www.panix.com\/~msaroff\/40years\/2018\/01\/03\/forcefully-unmap-complete-kernel-with-interrupt-trampolines\/","title":{"rendered":"Forcefully Unmap Complete Kernel With Interrupt Trampolines"},"content":{"rendered":"<p>Yes, Apple crippled older phones, and <a href=\"https:\/\/www.theregister.co.uk\/2018\/01\/02\/intel_cpu_design_flaw\/\">Intel said, &#8220;Here, hold my beer<\/a>.&#8221;<\/p>\n<p>Basically the error can allow low-level programs to take over the kernel, with a result kind of like that scene in <i>Raiders of the Lost Ark<\/i> when they open up the ark.<\/p>\n<p>There is a fix, but it involves changes to the operating system that cause a significant performance hit, and <a href=\"https:\/\/www.mail-archive.com\/linux-kernel@vger.kernel.org\/msg1553070.html\">Linux developers were unamused<\/a>:<\/p>\n<blockquote><p><span style=\"color: blue;\">2) Namespace<\/span><br \/><span style=\"color: blue;\"><br \/><\/span><span style=\"color: blue;\">&nbsp;&nbsp;&nbsp;Several people including Linus requested to change the KAISER name.<\/span><br \/><span style=\"color: blue;\"><br \/><\/span><span style=\"color: blue;\">&nbsp;&nbsp;&nbsp;We came up with a list of technically correct acronyms:<\/span><br \/><span style=\"color: blue;\"><br \/><\/span><span style=\"color: blue;\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;User Address Space Separation, prefix uass_<\/span><br \/><span style=\"color: blue;\"><br \/><\/span><span style=\"color: blue;\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Forcefully Unmap Complete Kernel With Interrupt Trampolines, prefix f%$#wit_<\/span><br 
\/><span style=\"color: blue;\"><br \/><\/span><span style=\"color: blue;\">&nbsp;&nbsp;&nbsp;but we are politically correct people so we settled for<\/span><br \/><span style=\"color: blue;\"><br \/><\/span><span style=\"color: blue;\">&nbsp;&nbsp;&nbsp;&nbsp;Kernel Page Table Isolation, prefix kpti_<\/span><br \/><span style=\"color: blue;\"><br \/><\/span><span style=\"color: blue;\">&nbsp;&nbsp;&nbsp;Linus, your call :))<\/span><\/p><\/blockquote>\n<p>As near as I can figure out, Intel claims that this is &#8220;Not a bug,&#8221; and this appears to be true.<\/p>\n<p>This appears to be <a href=\"https:\/\/arstechnica.com\/gadgets\/2018\/01\/whats-behind-the-intel-design-flaw-forcing-numerous-patches\/\">a direct consequence of their attempt to boost processor performance<\/a> in their competition with AMD, which appears not to be vulnerable to the &#8220;KPTI&#8221; bug, also called &#8220;Meltdown&#8221;.<\/p>\n<p>However, it does appear that speculative execution in general <a href=\"https:\/\/arstechnica.com\/gadgets\/2018\/01\/meltdown-and-spectre-every-modern-processor-has-unfixable-security-flaws\/\">creates a whole host of potential (though thankfully more difficult) exploits across a much wider range of processors<\/a>. (This one is called Spectre).<\/p>\n<p>I&#8217;m beginning to think that it is time for a major change in CPU architectures.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yes, Apple crippled older phones, and Intel said, &#8220;Here, hold my beer.&#8221; Basically the error can allow low-level programs to take over the kernel, with a result kind of like that scene in Raiders of the Lost Ark when they open up the ark. 
There is a fix, but it involves changes to the &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[395,588,541,533,382],"class_list":["post-179557","post","type-post","status-publish","format-standard","hentry","tag-computer","tag-fail","tag-security","tag-software","tag-technology"],"_links":{"self":[{"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/posts\/179557"}],"collection":[{"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/comments?post=179557"}],"version-history":[{"count":0,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/posts\/179557\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/media?parent=179557"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/categories?post=179557"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/tags?post=179557"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}