32-BIT ADDRESS SPACE CONTAINMENT TO SECURE PROCESSES FROM SPECULATIVE ROGUE CACHE LOADS

Bibliographic Details
Main Authors: Tsafrir, Dan; Amit, Nadav; Wei, Michael
Format: Patent
Language: English
Published: 08.08.2019
Summary: Embodiments are disclosed to mitigate the Meltdown vulnerability by selectively using page table isolation. Page table isolation is enabled for 64-bit applications, so that unprivileged areas in the kernel address space cannot be accessed in user mode due to speculative execution by the processor. On the other hand, page table isolation is disabled for 32-bit applications, thereby providing mapping into unprivileged areas in the kernel address space. However, speculative execution is limited to a 32-bit address space in a 32-bit application, and so access to unprivileged areas in the kernel address space can be inhibited.
Bibliography: Application Number: US201815960467