Or use a PLB

By: Linus Torvalds (torvalds.delete@this.linux-foundation.org), September 14, 2021 3:27 pm
Room: Moderated Discussions
Paul A. Clayton (paaronclayton.delete@this.gmail.com) on September 14, 2021 9:45 am wrote:
> Or use a PLB

Ugh. Then you'd be better off just doing the TLB instead.

If the thinking is "I can look up the data early, and use a separate permission lookaside buffer to check the access later", you end up with the situation we saw with Meltdown - happily using data speculatively, and leaking it like mad.

So no, it's not ok to look up permissions "later".

So a PLB is absolutely the wrong answer. The traditional reason for it ("make it not be in the critical path for the data access") is simply unacceptable due to security reasons.

Now, what I could see working is having multiple levels of permission checking, where the checking done for security reasons could be done with a much bigger granularity.

For example, you might do things like VMM and kernel protections based purely on address, with no table lookup at all (or, rather, a very small fixed table that is set up statically). So you might have some high-level "this protection domain can access this virtual area".

Do those synchronously with the lookup, protecting against Meltdown - and then accept semantics like "within this permitted set of virtual addresses, data may leak through side channels", because you check the per-page permissions much later (and maybe <much later - at instruction retirement time).

But even then a PLB sounds like the wrong thing to do. You might as well just do the accesses purely by virtual address, and then check the exact bits from a TLB lookup much later, so the TLB just isn't on the critical path. And you need that TLB for the cache miss case anyway, so it's not like you can replace the TLB with a virtual cache and a PLT.

But note that the above "relaxed virtual address region" model requires architectural support, so it's not invisible. In practice, it would probably work very well (ie just a few special range registers, so that the OS could then carve out the area it wants to protect, and user space that does JIT protections could say "this is the safe access area" etc).

Basically it would allow the different security rings to say "within this range, you can speculate accesses and leak data - but only within this range". That obviously still requires that you check the full cache tags and don't leak data that way.

But even if you accept the information leak semantics, you still want those protections at a page level (and access/dirty bits!) to still be semantically enforced. And they can't be based on some big range thing - they need a page table walker, and I do not believe a PLB helps with that problem at all. It requires the exact same indexing, it would just make the data behind it smaller - but I don't think that is a sufficiently big advantage to make it worth it.

Or is there some PLB upside I am missing?

Linus
< Previous Post in ThreadNext Post in Thread >
TopicPosted ByDate
POWER10 SAP SD benchmarkanon22021/09/06 03:36 PM
  POWER10 SAP SD benchmarkDaniel B2021/09/07 02:31 AM
    "Cores" (and SPEC)Rayla2021/09/07 07:51 AM
      "Cores" (and SPEC)anon2021/09/07 03:56 PM
  POWER10 SAP SD benchmarkAnon2021/09/07 03:24 PM
    POWER10 SAP SD benchmarkAnon2021/09/07 03:27 PM
  Virtually tagged L1-cachessr2021/09/08 05:49 AM
    Virtually tagged L1-cachesdmcq2021/09/08 08:22 AM
      Virtually tagged L1-cachessr2021/09/08 08:56 AM
      Virtually tagged L1-cachesHugo Décharnes2021/09/08 08:58 AM
        Virtually tagged L1-cachessr2021/09/08 10:09 AM
          Virtually tagged L1-cachesHugo Décharnes2021/09/08 10:46 AM
            Virtually tagged L1-cachessr2021/09/08 11:35 AM
              Virtually tagged L1-cachesHugo Décharnes2021/09/08 12:23 PM
                Virtually tagged L1-cachessr2021/09/08 12:40 PM
                  Virtually tagged L1-cachesanon2021/09/09 03:16 AM
                    Virtually tagged L1-cachesKonrad Schwarz2021/09/10 05:19 AM
                      Virtually tagged L1-cachesHugo Décharnes2021/09/10 06:59 AM
                        Virtually tagged L1-cachesanon2021/09/14 03:17 AM
                          Virtually tagged L1-cachesdmcq2021/09/14 09:34 AM
                            Or use a PLB (NT)Paul A. Clayton2021/09/14 09:45 AM
                              Or use a PLBLinus Torvalds2021/09/14 03:27 PM
                                Or use a PLBanon2021/09/15 12:15 AM
                                  Or use a PLBMichael S2021/09/15 03:21 AM
                                    Or use a PLBdmcq2021/09/15 03:42 PM
                                      Or use a PLBKonrad Schwarz2021/09/16 04:24 AM
                                        Or use a PLBMichael S2021/09/16 10:13 AM
                                          Or use a PLB---2021/09/16 01:02 PM
                                  PLB referencePaul A. Clayton2021/09/18 02:35 PM
                                    PLB referenceMichael S2021/09/18 04:14 PM
                                      Demand paging/translation orthogonalPaul A. Clayton2021/09/19 07:33 AM
                                        Demand paging/translation orthogonalMichael S2021/09/19 09:10 AM
                                      PLB referenceCarson2021/09/20 10:19 PM
                                    PLB referencesr2021/09/20 06:02 AM
                                      PLB referenceMichael S2021/09/20 07:03 AM
                                        PLB referenceLinus Torvalds2021/09/20 12:10 PM
                                  Or use a PLBsr2021/09/20 04:32 AM
                              Or use a PLBsr2021/09/21 09:36 AM
                                Or use a PLBLinus Torvalds2021/09/21 10:04 AM
                                  Or use a PLBsr2021/09/21 10:48 AM
                                    Or use a PLBLinus Torvalds2021/09/21 01:55 PM
                                      Or use a PLBsr2021/09/22 06:55 AM
                                        Or use a PLBrwessel2021/09/22 07:09 AM
                                        Or use a PLBLinus Torvalds2021/09/22 11:50 AM
                                          Or use a PLBsr2021/09/22 01:00 PM
                                            Or use a PLBdmcq2021/09/22 04:07 PM
                                            Or use a PLBEtienne Lorrain2021/09/23 08:50 AM
                                          Or use a PLBanon22021/09/22 04:09 PM
                                            Or use a PLBdmcq2021/09/23 02:35 AM
                                          Or use a PLB2021/09/23 09:37 AM
                                            Or use a PLBLinus Torvalds2021/09/23 12:01 PM
                                              Or use a PLBgpd2021/09/24 03:59 AM
                                                Or use a PLBLinus Torvalds2021/09/24 10:45 AM
                                                  Or use a PLBdmcq2021/09/24 12:43 PM
                                                  Or use a PLBsr2021/09/25 10:19 AM
                                                    Or use a PLBLinus Torvalds2021/09/25 10:44 AM
                                                      Or use a PLBsr2021/09/25 11:11 AM
                                                        Or use a PLBLinus Torvalds2021/09/25 11:31 AM
                                                          Or use a PLBsr2021/09/25 11:52 AM
                                                            Or use a PLBLinus Torvalds2021/09/25 12:05 PM
                                                              Or use a PLBsr2021/09/25 12:23 PM
                                                                Or use a PLBrwessel2021/09/25 03:29 PM
                                                                  Or use a PLBsr2021/10/01 12:22 AM
                                                                    Or use a PLBrwessel2021/10/01 06:19 AM
                                                                      Or use a PLBDavid Hess2021/10/01 10:35 AM
                                                                        Or use a PLBrwessel2021/10/02 04:47 AM
                                                                      Or use a PLBsr2021/10/02 11:16 AM
                                                                        Or use a PLBrwessel2021/10/02 11:53 AM
                                                          Or use a PLBLinus Torvalds2021/09/25 11:57 AM
                                                            Or use a PLBsr2021/09/25 12:07 PM
                                                              Or use a PLBLinus Torvalds2021/09/25 12:21 PM
                                                                Or use a PLBsr2021/09/25 12:40 PM
                                                                  Or use a PLBnksingh2021/09/27 09:07 AM
                                                          Or use a PLB2021/09/27 09:02 AM
                                                            Or use a PLBLinus Torvalds2021/09/27 10:20 AM
                                                              Or use a PLBLinus Torvalds2021/09/27 12:58 PM
                                                                Or use a PLBdmcq2021/09/28 10:59 AM
                                              Or use a PLBsr2021/09/25 10:34 AM
                                                Or use a PLBrwessel2021/09/25 03:44 PM
                                                  Or use a PLBsr2021/10/01 01:04 AM
                                                    Or use a PLBrwessel2021/10/01 06:33 AM
                                                      I386 segmentation highlightssr2021/10/04 07:53 AM
                                                        I386 segmentation highlightsAdrian2021/10/04 09:53 AM
                                                          I386 segmentation highlightssr2021/10/04 10:19 AM
                                                        I386 segmentation highlightsrwessel2021/10/04 04:57 PM
                                                          I386 segmentation highlightssr2021/10/05 11:16 AM
                                                            I386 segmentation highlightsMichael S2021/10/05 12:27 PM
                                                            I386 segmentation highlightsrwessel2021/10/05 04:20 PM
                                                Or use a PLBJohnG2021/09/25 10:18 PM
                                              Or use a PLB2021/09/27 07:37 AM
                                                Or use a PLBHeikki Kultala2021/09/28 03:53 AM
                                                  Or use a PLBrwessel2021/09/28 07:29 AM
                                        Or use a PLBDavid Hess2021/09/23 06:00 PM
                                          Or use a PLBAdrian2021/09/24 01:21 AM
                                            Or use a PLBdmcq2021/09/25 12:41 PM
                                        Or use a PLBblaine2021/09/26 11:19 PM
                                          Or use a PLBDavid Hess2021/09/27 11:35 AM
                                            Or use a PLBblaine2021/09/27 05:19 PM
                                            Or use a PLBAdrian2021/09/27 10:40 PM
                                              Or use a PLBAdrian2021/09/27 10:59 PM
                                                Or use a PLBdmcq2021/09/28 07:45 AM
                                              Or use a PLBrwessel2021/09/28 07:45 AM
                                              Or use a PLBDavid Hess2021/09/28 12:50 PM
                                                Or use a PLBEtienne Lorrain2021/09/30 01:25 AM
                                                  Or use a PLBDavid Hess2021/10/01 10:40 AM
                                  MMU privilegessr2021/09/21 11:07 AM
                                    MMU privilegesLinus Torvalds2021/09/21 01:49 PM
                            Virtually tagged L1-cachesKonrad Schwarz2021/09/16 04:18 AM
                          Virtually tagged L1-cachesCarson2021/09/16 01:12 PM
                            Virtually tagged L1-cachesanon22021/09/16 05:16 PM
                              Virtually tagged L1-cachesrwessel2021/09/16 06:29 PM
                          Virtually tagged L1-cachessr2021/09/20 04:20 AM
              Virtually tagged L1-caches---2021/09/08 02:28 PM
                Virtually tagged L1-cachesanonymou52021/09/08 08:28 PM
                  Virtually tagged L1-cachesanonymou52021/09/08 08:34 PM
                  Virtually tagged L1-caches---2021/09/09 10:14 AM
                    Virtually tagged L1-cachesanonymou52021/09/09 10:44 PM
                Multi-threading?David Kanter2021/09/09 09:32 PM
                  Multi-threading?---2021/09/10 09:19 AM
                Virtually tagged L1-cachessr2021/09/11 01:19 AM
                Virtually tagged L1-cachessr2021/09/11 01:36 AM
                  Virtually tagged L1-caches---2021/09/11 09:53 AM
                    Virtually tagged L1-cachessr2021/09/12 12:43 AM
                      Virtually tagged L1-cachesLinus Torvalds2021/09/12 11:10 AM
                        Virtually tagged L1-cachessr2021/09/12 11:57 AM
                          Virtually tagged L1-cachesdmcq2021/09/13 08:31 AM
                            Virtually tagged L1-cachessr2021/09/20 04:11 AM
            Virtually tagged L1-cachessr2021/09/11 02:49 AM
      Virtually tagged L1-cachesLinus Torvalds2021/09/08 12:34 PM
        Virtually tagged L1-cachesdmcq2021/09/09 02:46 AM
          Virtually tagged L1-cachesdmcq2021/09/09 02:58 AM
          Virtually tagged L1-cachessr2021/09/11 01:29 AM
            Virtually tagged L1-cachesdmcq2021/09/11 08:59 AM
              Virtually tagged L1-cachessr2021/09/12 12:57 AM
                Virtually tagged L1-cachesdmcq2021/09/12 08:44 AM
                  Virtually tagged L1-cachessr2021/09/12 09:48 AM
                    Virtually tagged L1-cachesdmcq2021/09/12 01:22 PM
                      Virtually tagged L1-cachessr2021/09/20 04:40 AM
    Where do you see this information? (NT)anon22021/09/09 02:45 AM
      Where do you see this information?sr2021/09/11 01:40 AM
        Where do you see this information?anon22021/09/11 01:53 AM
          Where do you see this information?sr2021/09/11 02:08 AM
            Thank you (NT)anon22021/09/11 04:31 PM
Reply to this Topic
Name:
Email:
Topic:
Body: No Text
How do you spell avocado?