Ask HN: Could JavaScript be moved to a higher x86 ring than userspace?
There are various mitigations against Meltdown (and AMD is immune), but the general consensus seems to be that there isn't much that can be done about Spectre. The x86 architecture has four rings of protection, but usually only ring 0 (kernel) and ring 3 (userspace) are used. What if userspace was moved to ring 2 so that ring 3 could be used for even less privileged JavaScript execution, reducing Spectre back to a special case of Meltdown which can be solved at the hardware level without performance issues (except perhaps for the new cost of making "system calls" out of JavaScript)? This would also significantly hamper any attempt at remote code execution in the browser. Is this viable? 0 comments on Hacker News.
There are various mitigations against Meltdown (and AMD is immune), but the general consensus seems to be that there isn't much that can be done about Spectre. The x86 architecture has four rings of protection, but usually only ring 0 (kernel) and ring 3 (userspace) are used. What if userspace was moved to ring 2 so that ring 3 could be used for even less privileged JavaScript execution, reducing Spectre back to a special case of Meltdown which can be solved at the hardware level without performance issues (except perhaps for the new cost of making "system calls" out of JavaScript)? This would also significantly hamper any attempt at remote code execution in the browser. Is this viable?
There are various mitigations against Meltdown (and AMD is immune), but the general consensus seems to be that there isn't much that can be done about Spectre. The x86 architecture has four rings of protection, but usually only ring 0 (kernel) and ring 3 (userspace) are used. What if userspace was moved to ring 2 so that ring 3 could be used for even less privileged JavaScript execution, reducing Spectre back to a special case of Meltdown which can be solved at the hardware level without performance issues (except perhaps for the new cost of making "system calls" out of JavaScript)? This would also significantly hamper any attempt at remote code execution in the browser. Is this viable? 0 comments on Hacker News.
There are various mitigations against Meltdown (and AMD is immune), but the general consensus seems to be that there isn't much that can be done about Spectre. The x86 architecture has four rings of protection, but usually only ring 0 (kernel) and ring 3 (userspace) are used. What if userspace was moved to ring 2 so that ring 3 could be used for even less privileged JavaScript execution, reducing Spectre back to a special case of Meltdown which can be solved at the hardware level without performance issues (except perhaps for the new cost of making "system calls" out of JavaScript)? This would also significantly hamper any attempt at remote code execution in the browser. Is this viable?
Hacker News story: Ask HN: Could JavaScript be moved to a higher x86 ring than userspace?
![Hacker News story: Ask HN: Could JavaScript be moved to a higher x86 ring than userspace?]()
Reviewed by Tha Kur
on
January 04, 2018
Rating:
No comments: