On 11/10/23 05:07, Hugo V.C. wrote:
"If people want to improve the hardware, focussing on generic mechanisms such as support for partitioning L2-LL caches would be far more beneficial than point-solutions that will be defeated by the next class of attacks."
The path of partitioning some hardware resource ends up in full partitioning of the computing platform including power supply. It is simpler (almost zero design effort) and the only "reasonably" secure solution. Whenever you share hardware resources, you open the path to side channels.
At this point one just has multiple separate systems.
On the other hand, in addition to full computing platform partitioning, time protection is a must on each isolated computing platform. So here we have two problems that need to be addressed by different vendors:
1) Time protection, CPU/SoC vendors
2) Computing platform isolation (laptop/server vendors).
Imagine how wonderful it would be to have a laptop with X fully independent computing platforms inside (fun/work/banking...), each one based on CPU/SoC solutions with Time Protection.
That works until one needs to use all of the cores on the system for a parallel VM kernel build or for non-accelerated video encoding.
On top of each of those platforms some verified hypervisor/kernel (seL4?).
BTW, step 2 is straightforward: just make laptops a bit bigger and add a screen switch to switch between the isolated computing platforms.
One might as well just buy multiple laptops and be able to use them at the same time.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
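The two mechanisms argued over in this exchange, partitioning the shared cache and time protection, can be made concrete with a small simulation. This is an added example and not code from either participant: it models a set-associative last-level cache, runs one Prime+Probe round against a victim whose memory access depends on a secret, and then repeats the round with (a) set colouring, one way of partitioning a cache between domains, and (b) a full cache flush on the switch back to the attacker, the kind of step a time-protection kernel takes for state it cannot partition. The geometry (8 sets by 4 ways), the domain names and the colouring scheme are assumptions made for the example, not properties of any real CPU.

```python
"""Toy model of a Prime+Probe attack on a shared last-level cache and of two
countermeasures: spatial partitioning (set colouring) and flushing on every
domain switch. Added illustration; cache geometry and domain names are invented."""

N_SETS = 8   # assumed toy geometry: 8 sets ...
N_WAYS = 4   # ... of 4 ways each


class Cache:
    """Set-associative cache with LRU replacement. Lines are keyed by
    (domain, address) so that two domains sharing a set evict each other.
    `colours` maps a domain to the subset of sets it may use; None means the
    whole cache is shared by everyone."""

    def __init__(self, n_sets=N_SETS, n_ways=N_WAYS, colours=None):
        self.n_sets, self.n_ways, self.colours = n_sets, n_ways, colours
        self.sets = [[] for _ in range(n_sets)]  # per set: LRU first, MRU last

    def set_index(self, domain, addr):
        if self.colours is None:
            return addr % self.n_sets
        allowed = self.colours[domain]
        return allowed[addr % len(allowed)]

    def access(self, domain, addr):
        """Touch a line; return True on a hit, False on a miss (line is filled)."""
        lines = self.sets[self.set_index(domain, addr)]
        line = (domain, addr)
        if line in lines:
            lines.remove(line)
            lines.append(line)
            return True
        if len(lines) >= self.n_ways:
            lines.pop(0)          # evict the least recently used line
        lines.append(line)
        return False

    def flush(self):
        self.sets = [[] for _ in range(self.n_sets)]


def prime_probe(secret, partitioned=False, flush_on_switch=False):
    """Run one Prime+Probe round; return the attacker's miss count per set."""
    colours = None
    if partitioned:
        half = N_SETS // 2   # assumed colouring: attacker gets the low half, victim the high half
        colours = {"attacker": list(range(half)), "victim": list(range(half, N_SETS))}
    cache = Cache(colours=colours)
    attacker_sets = colours["attacker"] if colours else list(range(N_SETS))
    probe_addrs = range(len(attacker_sets) * N_WAYS)  # one address per way of each reachable set

    # Prime: fill every set the attacker can reach with its own lines.
    for a in probe_addrs:
        cache.access("attacker", a)

    # Victim runs; its memory access depends on the secret (think table lookup).
    cache.access("victim", secret)

    # Switch back to the attacker; a time-protection kernel would flush here.
    if flush_on_switch:
        cache.flush()

    # Probe: re-touch the primed lines and count misses per set. A real attacker
    # times each access; the model reports hit/miss directly.
    misses = {s: 0 for s in attacker_sets}
    for a in probe_addrs:
        if not cache.access("attacker", a):
            misses[cache.set_index("attacker", a)] += 1
    return misses


def recover_secret(secret, partitioned=False, flush_on_switch=False):
    """Attacker's inference: the set that stands out is the victim's set index.
    Returns None when every set looks alike, i.e. nothing was leaked."""
    misses = prime_probe(secret, partitioned, flush_on_switch)
    if max(misses.values()) == min(misses.values()):
        return None
    return max(misses, key=misses.get)


if __name__ == "__main__":
    for s in range(N_SETS):
        print(f"secret={s}: shared -> {recover_secret(s)}, "
              f"partitioned -> {recover_secret(s, partitioned=True)}, "
              f"flush-on-switch -> {recover_secret(s, flush_on_switch=True)}")
```

On the shared cache the victim's single access evicts one attacker line and the attacker's in-order probe then misses on every way of that set, so the set index (and with it the secret) is recovered every time. With colouring the victim can only touch sets the attacker never primes, so the probe sees nothing; with a flush on the switch the attacker sees misses everywhere, which carries no information. The flush is the expensive option, which is the performance tension the reply about parallel builds is pointing at.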