[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
X86 dispatch contention vulnerability
- Subject: X86 dispatch contention vulnerability
- From: jdb10987 at yahoo.com (jim bell)
- Date: Wed, 14 Nov 2018 17:38:52 +0000 (UTC)
- In-reply-to: <CAO7N=i3qU-5nX+KKaMjKWpq7SHAJY9o--hFeiFmm1mVvcH0QMw@mail.gmail.com>
- References: <CAO7N=i3qU-5nX+KKaMjKWpq7SHAJY9o--hFeiFmm1mVvcH0QMw@mail.gmail.com>
Sounds like a valid issue!
      Jim Bell
On Wednesday, November 14, 2018, 9:36:06 AM PST, Ryan Carboni <ryacko at gmail.com> wrote:
While many x86 implementation vulnerabilities in the past involve either electromagnetic emissions or cache timing attacks, I have not read anything about instruction dispatch contention. According to anger fogâ??s research, Intelâ??s implementation of the x86 instruction set does not dispatch more than three of a single instruction, and it has been so for a long time. Irregardless of their design decisions for instruction dispatch, this provides a side channel in which two cooperating processes operating on the same core can conduct half-duplex communication at the rate of 2 bits per cycle by one process attempting to compete with another process for the same capacity for dispatches over a single instruction (0, 1, 2, 3). While I do not have the resources to know how x86 processors handles dispatch contention issues, if it is handled in a regular and non-random manner, it would reach that theoretical level of severity.
This violates certain access controls assumed to be imposed by the kernel.
I suppose I canâ??t collect my quarter million dollar prize if I publish this to the world?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2026 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20181114/823a3388/attachment.txt>