RESOLVED FIXED 181539
Reserve a fast TLS key for GC TLC
https://bugs.webkit.org/show_bug.cgi?id=181539
Filip Pizlo
Reported 2018-01-11 09:37:39 PST
Who knew that thread-local caches would be an essential mitigation for timing attacks. But here's how it works: if we have TLCs then we can "context switch" them when we "context switch" origins. This allows us to put some minimal distance between objects from different origins, which gives us the ability to allow small overflows when doing certain bounds checks without creating a useful Spectre information leak.
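A toy model of the separation described above, added here as an illustration; it is not WebKit's allocator and not the attached patch. Each origin gets its own thread-local cache, switching origins switches the cache, and a guard tail in every block keeps objects of different origins a minimum distance apart. All names, the block size and the guard size are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* All names and sizes here are assumptions made for the example. */
#define TLC_BLOCK_SIZE 4096u  /* bytes backing one origin's cache */
#define TLC_GUARD       256u  /* tail of each block never handed out */
#define TLC_MAX_ORIGINS   4u

typedef struct { uint8_t *base; size_t used; } tlc_t;

static _Thread_local tlc_t tlcs[TLC_MAX_ORIGINS]; /* one cache per origin, per thread */
static _Thread_local tlc_t *current_tlc;          /* the slot the allocation fast path reads */

/* "Context switch" the TLC when this thread starts running another origin. */
int tlc_switch_origin(unsigned origin) {
    if (origin >= TLC_MAX_ORIGINS) return -1;
    tlc_t *t = &tlcs[origin];
    if (!t->base && !(t->base = malloc(TLC_BLOCK_SIZE))) return -1;
    current_tlc = t;
    return 0;
}

/* Bump-allocate from the current origin's block only, keeping the guard free. */
void *tlc_alloc(size_t size) {
    tlc_t *t = current_tlc;
    if (!t || size == 0 || size > TLC_BLOCK_SIZE - TLC_GUARD) return NULL;
    size = (size + 15u) & ~(size_t)15u;            /* 16-byte granularity */
    if (size > TLC_BLOCK_SIZE - TLC_GUARD - t->used) return NULL;
    void *p = t->base + t->used;
    t->used += size;
    return p;
}

/* Bytes between the end of the lower object and the start of the higher one. */
size_t tlc_gap(const void *a, size_t a_size, const void *b, size_t b_size) {
    uintptr_t x = (uintptr_t)a, y = (uintptr_t)b;
    return x < y ? y - (x + a_size) : x - (y + b_size);
}

int main(void) {
    if (tlc_switch_origin(0)) return 1;
    uint8_t *a = tlc_alloc(32);        /* origin 0 */
    if (tlc_switch_origin(1)) return 1;
    uint8_t *b = tlc_alloc(32);        /* origin 1 */
    /* An overflow of fewer than TLC_GUARD bytes past a cannot reach b. */
    return (a && b && tlc_gap(a, 32, b, 32) >= TLC_GUARD) ? 0 : 1;
}
```

The model covers only the placement side: how large an overflow a given bounds check may tolerate has to be chosen against the guaranteed gap.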
Attachments
the patch (1.74 KB, patch)
2018-01-11 09:48 PST, Filip Pizlo
ap: review+
Filip Pizlo
Comment 1 2018-01-11 09:48:31 PST
Created attachment 331061 [details] the patch
Filip Pizlo
Comment 2 2018-01-11 09:59:26 PST
Radar WebKit Bug Importer
Comment 3 2018-01-11 10:00:18 PST