By: sr (nobody.delete@this.nowhere.com), September 25, 2021 9:19 am
Room: Moderated Discussions
Linus Torvalds (torvalds.delete@this.linux-foundation.org) on September 24, 2021 10:45 am wrote:
> And then 99.9% of all code doesn't want it, because most memory accesses by far are perfectly normal
> loads and stores from regular local sources with absolutely no reason to worry about data leaks.
The main point wasn't, and still isn't, security from other processes. The main point of segmentation is to protect your own code from itself. Giving every object of an object-oriented programming model its pure minimum access to memory will prevent most memory-leaking bugs. Give an object read access to where it needs, a scratch memory for its own needs, and write access where it supposedly needs to write to, and its possibilities to screw things up will be minimal compared to full access to the whole process's memory.
Why would code and data share an address space? Same for the stack. Anything leading to a buffer overrun can lead to execution of the attacker's data. That was partly solved with data execution disable for data pages with the NX bit with x86-64.
How much effort is used today on software-based algorithms to isolate child programs' execution in a sandboxed environment - why is segmenting considered so limiting that it isn't even considered as an option? X86-64 neutered that segmentation model, but in a way that it might be possible to bring it back if seen as useful?
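An added example, not part of the post above: the "read access where it needs, write access only to its own scratch memory" idea, approximated with page-granular `mprotect` on Linux, since x86-64 long mode does not enforce segment limits for ordinary data accesses. The buffer names, the sample string and `run_demo` are constructed for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_jmp;
static void on_segv(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

/* Try a one-byte store; return 1 if the MMU refused it, 0 if it landed. */
static int store_faults(volatile unsigned char *p, unsigned char v)
{
    struct sigaction sa, old;
    int refused;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(fault_jmp, 1) == 0) { *p = v; refused = 0; }
    else { refused = 1; }
    sigaction(SIGSEGV, &old, NULL);
    return refused;
}

/* Constructed scenario: "input" is memory a routine should only read,
 * "scratch" is its private working area. Returns a bitmask:
 * 1 = scratch write refused, 2 = input write refused, 4 = input changed. */
int run_demo(void)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *input = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    unsigned char *scratch = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    int result = 0;
    if (input == MAP_FAILED || scratch == MAP_FAILED) return -1;
    memcpy(input, "constructed sample", 19);
    mprotect(input, pg, PROT_READ);  /* drop write access before use */
    if (store_faults(scratch, 'x')) result |= 1;  /* write is permitted */
    if (store_faults(input, 'x'))   result |= 2;  /* stray write is trapped */
    if (input[0] != 'c')            result |= 4;  /* contents stay intact */
    munmap(input, pg);
    munmap(scratch, pg);
    return result;
}

int main(void) { return run_demo() == 2 ? 0 : 1; }
```

The protection here is per page and per process, so it is coarser than the per-object bounds the post argues for.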