[ad_1]
This amounts to isolating the memory caches on the processors so as to prevent them from seeing everything that they do not need to know. MIT compares this to the installation of walls in a kitchen that prevent chefs from seeing the ingredients and tools of others. There are several distinct cache methods with their own domain identities, each validated. The new policies, on the other hand, deal with "misses" of cache that could signal an attack. You can not try caching access on these domains as part of an auction:
The result is an approach that protects against much more than CAT technology from before Specter Cache, but offers "comparable" performance. While this does not work against all possible speculative attacks, it still remains better – and protects against non-speculative attacks that CAT could never deal with. Work is underway to help the DAWG deal with more speculative attacks as well, which would require "very minimal" changes to the operating systems.
The challenge is to get companies to use this feature. The MIT team hopes that companies such as Intel will take over the idea, but this is not guaranteed. In the current state of things, the usual development time for processors could mean a long wait, even if the industry adopted it immediately. Nevertheless, it gives hope that there is a real solution to Meltdown and Spectrum that does not imply a significant impact on speed.
Source link
