Re: [PATCH 0/7] Enable LASS (Linear Address space Separation)

From: Dave Hansen
Date: Tue Jan 10 2023 - 17:58:02 EST

Next message: Luck, Tony: "RE: [PATCH 0/2] PCI: Fix extended config space regression"
Previous message: Elliot Berman: "Re: [PATCH v8 04/28] arm64: smccc: Include alternative-macros.h"
In reply to: Sohil Mehta: "Re: [PATCH 0/7] Enable LASS (Linear Address space Separation)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/9/23 21:51, Yian Chen wrote:
> LASS (Linear Address Space Separation) is a security
> extension that prevents speculative address accesses across
> user/kernel mode. The LASS details have been published in
> Chapter 11 in
> https://cdrdv2.intel.com/v1/dl/getContent/671368
>
> LASS works in 64-bit mode only and partitions the 64-bit
> virtual address space into two halves:
> 1. Lower half (LA[63]=0) --> user space
> 2. Upper half (LA[63]=1) --> kernel space
> When LASS is enabled, a general protection #GP(0) fault will
> be generated if software accesses the address from the half in
> which it resides to another half, e.g., either from user space
> to upper half, or from kernel space to lower half. This
> protection applies to data access, code execution, cache line
> flushing instructions.

This does a good job of explaining the nuts and bolts -- *what* LASS
does. It does a less good job of explaining why this was built, how it
can benefit end users and who cares about it.

LASS seemed really cool when we were reeling from Meltdown. It would
*obviously* have been a godsend five years ago. But, it's less clear
what role it plays today and how important it is.

Could you enlighten us, please?

Next message: Luck, Tony: "RE: [PATCH 0/2] PCI: Fix extended config space regression"
Previous message: Elliot Berman: "Re: [PATCH v8 04/28] arm64: smccc: Include alternative-macros.h"
In reply to: Sohil Mehta: "Re: [PATCH 0/7] Enable LASS (Linear Address space Separation)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]