Re: Mixed signals on CPU's
My memory may be a bit weak in the management areas due to lack of coffee, but AFAICR:
* a Memory Management Unit - everything after the 8086
* a memory cache - everything after the 80386
* a branch predictor - Probably Pentium 1 and up
* Supervisor & User modes - everything after the 8086
I think there is slightly more to the story than what you said. Specifically, the issue
depends on how the MMU works, and how it is used.
I have not been involved in CPU design for over 30 years BUT:
I would not expect user mode code to have any way to be aware of the MMU's internal
* The MMU should disallow access to all virtual pages not in use by the current task.
* Addresses in the current user address space not mapping to physical memory should map to either a virtual address saying "illegal access" or to one saying "You will need to swap me in before you can read me".
* There should be NO way to access physical memory that does not go via the MMU - not even for speculative instruction or data fetch.
The bug reports seem to describe noticing that a speculative fetch that goes unused causes a delay which can be used to identify the value of data FROM THE DELAY. I don't understand this. If the speculative address named is not in cache, then how is fetching it speculatively justified?
Conclusion - This is not MMU - this is cache management - which SHOULD do a similar thing to what the MMU does BUT ISN'T DOING IT. The bug is (partly) that you can read data in the cache that is not yours. This is not really a risk UNLESS: There is some way to find out whose it is.
While MMU pages are normally 4k bytes, cache lines are more like 16 bytes. Fetching 16 bytes from "somewhere", with no way to find (or control) which page of whose address space they belong to is not a significant risk, although obviously undesirable. In normal circumstances, your next attempt to do this would probably fetch from a completely different page in a different task.
Clearly we are not being told the whole truth here.
It seems more like there is a way to FORCE the caching of other people's address spaces and make that visible to you. That gives you security on a level with a Commodore PET. If so, then yes, Intel may have to replace every CPU since on-chip caching (probably Pentium 1).