This is How You Lose the Transient Execution War
share
A new class of vulnerabilities related to speculative and out-of-order execution, fault-injection, and microarchitectural side channels rose to attention in 2018. The techniques behind the transient execution vulnerabilities were not new, but the combined application of the techniques was more sophisticated, and the security impact more severe, than previously considered possible. Numerous mitigations have been proposed and implemented for variants of the transient execution vulnerabilities. While Meltdown-type exception-based transient execution vulnerabilities have proven to be tractable, Spectre-type vulnerabilities and other speculation-based transient execution vulnerabilities have been far more resistant to countermeasures. A few proposed mitigations have been widely adopted by hardware vendors and software developers, but combining those commonly deployed mitigations does not produce an effective and comprehensive solution, it only protects against a small subset of the variants. Over the years, newly proposed mitigations have been trending towards more effective and comprehensive approaches with better performance, and yet, older mitigations remain the most popular despite limited security benefits and prohibitive performance penalties. If we continue this way, we can look forward to many generations of hardware debilitated by performance penalties from increasing layers of mitigations as new variants are discovered, and yet still vulnerable to both known and future variants.
READ FULL TEXT