> As I understand it, on intel cpus and possibly more, we'll need to
> unmap the kernel on userret, or else userland can read arbitrary
> kernel memory.
"Possibly more"? Anything that does speculative execution needs a good
hard look, and that's damn near everything these days.
> Also, I understand that to exploit this, one has to attempt to access
> kernel memory a lot, and SEGV at least once per bit.
I don't think so. Traps that would be taken during normal execution
are not taken during speculative execution. The problem is, to quote
one writeup I found, "Intel CPUs are allowed to access kernel memory
when performing speculative execution, even when the application in
question is running in user memory space. The CPU does check to see if
an invalid memory access occurs, but it performs the check after
speculative execution, not before.". This means that things like cache
line loads can occur based on values the currently executing process
should not be able to access; timing access to data that cache-collides
with the cache lines of interest reveals the leaked bit(s).
Nowhere in there is a SEGV generated.
That's the meltdown stuff. Spectre targets other things (I've seen
branch prediction mentioned) to leak information around protection
barriers.