Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday February 16 2019, @02:08PM   Printer-friendly
from the so-that-means...-we-are-screwed dept.
 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by Dr Spin on Saturday February 16 2019, @03:17PM (1 child)

    by Dr Spin (5239) on Saturday February 16 2019, @03:17PM (#802054)

    Can you make a CPU that runs fast and doesn't have this issue?

    Can you win the race if you cheat?

    Essentially, the risk is due to speculation or otherwise in one thread impacting performance in another. This does not need to be possible. However, if you allow a thread to use data that is in the cache because another thread put it there, then you are on the slippery slope to hell - even if you are destined to get there quicker, this might not be a good plan! Threads need to be wholly and completely isolated.

      "But it is not a multi-user environment" has been shown not to be a valid excuse - its not YOUR code running in the browser - the code in the browser belongs to a whole bunch of different malware promoters.
    While not using browsers at all might help, there are in fact, other scenarios (cloud serving) that are even higher risk.

    (Asking strangers to hold your wallet doesn't necessarily work out well either).

    --
    Warning: Opening your mouth may invalidate your brain!
    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by RS3 on Saturday February 16 2019, @05:16PM

    by RS3 (6367) on Saturday February 16 2019, @05:16PM (#802089)

    The OS is supposed to "sandbox" user processes. That's been a big gripe of mine since 1990ish. Even generic Linux kernels don't do it properly, so we have "hypervisors" which are modified Linux kernels. Some hypervisors are forked Linux kernels, or written from scratch. The point is: IMHO ALL OSes should have hypervisor incorporated and hypervisors and OS "virtualization" (VMware, Xen, etc.) shouldn't be needed.

    That said, for a hypervisor, or any software-based memory protection to work, the CPU _HAS_ to honor memory boundaries, regardless of cache or speculative execution.