Zenbleed
(lock.cmpxchg8b.com)
from tedu@inks.tedunangst.com to inks@inks.tedunangst.com on 25 Jul 2023 01:47
https://inks.tedunangst.com/l/5012
from tedu@inks.tedunangst.com to inks@inks.tedunangst.com on 25 Jul 2023 01:47
https://inks.tedunangst.com/l/5012
What should happen if the processor speculatively executed a vzeroupper, but then discovers that there was a branch misprediction? Well, we will have to revert that operation and put things back the way they were… maybe we can just unset that z-bit?
If we return to the analogy of malloc and free, you can see that it can’t be that simple - that would be like calling free() on a pointer, and then changing your mind!
That would be a use-after-free vulnerability, but there is no such thing as a use-after-free in a CPU… or is there?
threaded - newest