Announcement

Collapse
No announcement yet.

Linux Developers Discuss Flushing L1 Cache On Context Switches In Light Of Vulnerabilities

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
    birdie
    Senior Member

  • birdie
    replied
    Originally posted by ermo View Post
    What is the reason that not as many vulnerabilities targeting AMD has yet been published? Even thought I've only been buying AMD hardware for the past 5+ years, I have a hard time believing that AMD's products are just that much more fundamentally secure?

    Is it simply a question of market share at this point, in the sense that it is more valuable to undertake vulnerability research on intel products?
    Intel sponsors the German university that has discovered most of the vulnerabilities - AMD kinda sorta doesn't sponsor anyone and these vulnerabilities are very hard to find.

    Despite that I still believe AMD CPUs are inherently more secure since the most blatant vulnerability (meltdown/LVI) doesn't affect them in any shape of form. In the meantime all OoOE CPUs are affected by both Spectre (1/2) attacks but at least they are not that expensive to mitigate and they are less critical.
    birdie
    Senior Member
    Last edited by birdie; 19 March 2020, 08:41 AM.

    Leave a comment:

  • ermo
    Senior Member

  • ermo
    replied
    What is the reason that not as many vulnerabilities targeting AMD have yet been published? Even thought I've only been buying AMD hardware for the past 5+ years, I have a hard time believing that AMD's products are just that much more fundamentally secure?

    Is it simply a question of market share at this point, in the sense that it is more valuable to undertake vulnerability research on intel products?
    ermo
    Senior Member
    Last edited by ermo; 19 March 2020, 08:38 AM.

    Leave a comment:

  • Danny3
    Senior Member

  • Danny3
    replied
    Oh come on, not another performance crippling change.
    I'm tired of these "In the name of security..."
    I bet there are 1000 more things we can do here, clear / erase every cache after each instruction, encrypt / decrypt, but come one not everyone has supercomputers or Threadrippers at home that can handle everything you throw at it.

    In my opinion. do all the security enhancement you want, but stop enabling them by default !
    Just leave the people who need NASA level security to enable them themselves.

    Leave a comment:

  • tchiwam
    Phoronix Member

  • tchiwam
    replied
    Hmmm... Why not prefetch the new context and save time ? Maybe mark a prefetch function in some code to help find the important data ?

    Leave a comment:

  • boxie
    Senior Member

  • boxie
    replied
    This seems like a good option if a vuln is disclosed before an appropriate fix has been developed.

    Leave a comment:

  • phoronix
    Administrator

  • Linux Developers Discuss Flushing L1 Cache On Context Switches In Light Of Vulnerabilities

    Phoronix: Linux Developers Discuss Flushing L1 Cache On Context Switches In Light Of Vulnerabilities

    In light of data sampling vulnerabilities like MDS, engineers from Amazon, Google, and other organizations are discussing a proof-of-concept implementation that would optionally flush the L1 data cache on context switches...

    http://www.phoronix.com/scan.php?pag...Context-Switch
Working...
X