Intel’s LASS functionality was queued today into tip/tip.git’s “x86/cpu” Git branch. With LASS now making it into a TIP branch, it looks like it will be submitted for the upcoming Linux 6.19 merge window, barring any last-minute issues or objections from Linus Torvalds.
LASS is short for Linear Address Space Separation and is a security feature that Intel software engineers have been working on for the Linux kernel for nearly the past three years. It was back in January 2023 that I first wrote about Intel proposing LASS patches for the Linux kernel. Since then it’s gone through several rounds of revisions and code review, as well as dealing with various Intel engineer departures during this time.
Linear Address Space Separation is described in the Linux kernel patches as:
“Linear Address Space Separation (LASS) is a security feature that mitigates a class of side-channel attacks relying on speculative access across the user/kernel boundary.
Privilege mode based access protection already exists today with paging and features such as SMEP and SMAP. However, to enforce these protections, the processor must traverse the paging structures in memory. An attacker can use timing information resulting from this traversal to determine details about the paging structures, and to determine the layout of the kernel memory.
LASS provides the same mode-based protections as paging but without traversing the paging structures. Because the protections are enforced prior to page-walks, an attacker will not be able to derive paging-based timing information from the various caching structures such as the TLBs, mid-level caches, page walker, data caches, etc.
…
LASS mitigates a class of side-channel speculative attacks, such as Spectre LAM, described in the paper, “Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation”.
Add the “lass” flag to /proc/cpuinfo to indicate that the feature is supported by hardware and enabled by the kernel. This allows userspace to determine if the system is secure against such attacks.”
I haven’t seen any documentation on which current or future Intel CPU generations support LASS. LASS will be enabled by default for all CPUs with the feature bit present.
Assuming no last-minute snags, look for this Intel LASS security feature to be part of the upcoming Linux 6.19 kernel via the x86/cpu branch.
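The patch text quoted above says the “lass” flag in /proc/cpuinfo lets userspace tell whether the feature is supported by hardware and enabled by the kernel. As an added example (not code from the kernel patches or from this article), the script below checks that flag, alongside SMEP and SMAP, on every logical CPU. The sample text and the function names are constructed for illustration, and checking each CPU separately is an assumption about what an auditor would want rather than something the patches require.

```python
"""Check /proc/cpuinfo for the "lass" flag (plus SMEP/SMAP) on every logical CPU."""
from pathlib import Path

# Constructed sample: two logical CPUs, the second one lacking "lass".
SAMPLE = """\
processor\t: 0
model name\t: Example CPU (constructed)
flags\t\t: fpu vme smep smap lass
vmx flags\t: vnmi ept

processor\t: 1
model name\t: Example CPU (constructed)
flags\t\t: fpu vme smep smap
vmx flags\t: vnmi ept
"""

def per_cpu_flags(cpuinfo_text):
    """Return {cpu_number: set_of_flags} from /proc/cpuinfo-style text."""
    cpus, current = {}, None
    for line in cpuinfo_text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # blank separator line between CPU blocks
        key = key.strip()
        if key == "processor":
            current = int(value)
            cpus[current] = set()
        elif key == "flags" and current is not None:
            # Exact key match: the "vmx flags" line must not be mistaken for "flags".
            cpus[current] = set(value.split())
    return cpus

def flag_coverage(cpuinfo_text, wanted=("lass", "smep", "smap")):
    """Map each wanted flag to 'all', 'some' or 'none' of the logical CPUs."""
    cpus = per_cpu_flags(cpuinfo_text)
    result = {}
    for flag in wanted:
        hits = sum(flag in flags for flags in cpus.values())  # whole-word match
        result[flag] = "all" if cpus and hits == len(cpus) else "some" if hits else "none"
    return result

if __name__ == "__main__":
    path = Path("/proc/cpuinfo")
    text = path.read_text() if path.exists() else SAMPLE
    for flag, coverage in flag_coverage(text).items():
        print(f"{flag}: present on {coverage} logical CPUs")
```

A result of “some” or “none” for lass means the flag is not reported on every logical CPU, which by the patch description means the feature is either not supported by the hardware or not enabled by the running kernel there.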
