Web lists-archives.com

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws




Nicholas Geovanis <nickgeovanis@xxxxxxxxx> writes:

>On Fri, Jan 5, 2018 at 6:55 AM,  <tomas@xxxxxxxxxx> wrote:
>> (mainframes of that time had at least VM, possibly
>> speculative prefetch).
>
>Is it correct to call branch prediction the same as speculative execution?
>If so, then "yes" they had it, but I don't honestly know if that's correct.
>Pipeline rewinding was necessary on prediction failure, etc, similarly.
>
>> Cheers
>>
>> [1] https://en.wikipedia.org/wiki/Motorola_68000
>>
>> - -- tomás
Branch predition can serve (at leasst) two purposes.  The first is to start
fetching the target instruction data from memory.  AFAIK this cannot be used for the
attacks in question.

The second is in conjunction with spectulation. Specultation means
starting to execute an instruction sequence which may not in fact really
be executed.  The processor is able to roll back all the (architected)
effects of the computation if it turns out not to be needed.

The attacks are based on un-architected effects of speculative execution
- specifially changes in cache content - which can be detected.