sergey bratus · Jan 4, 2018 · 12:38 AM UTC

sergey bratus @sergeybratus

4 Jan 2018

Meltdown & specter appear to vindicate viewing caches as programmable & hence likely exploitable automata. AFAIK, due to @paxteam's NOEXEC.

PaX Team · Jan 4, 2018 · 11:01 AM UTC

PaX Team · Jan 4, 2018 · 11:01 AM UTC

PaX Team @paxteam

4 Jan 2018

if you mean the TLB hacking based PAGEEXEC method, its origins are somewhere else as mentioned in pax.grsecurity.net/docs/page… ;)

Jan 4, 2018 · 11:01 AM UTC

sergey bratus · Jan 4, 2018 · 9:59 PM UTC

sergey bratus @sergeybratus

4 Jan 2018

Replying to @paxteam

Plex86 sure deserves credit. What I meant was, PAGEEXEC mapped out & programmed de facto extra states of the (split) x86 TLB cache.