Amazon Engineer's Patch For Flushing L1 Cache On Context Switching Revved
Earlier this month a Linux kernel engineer at Amazon proposed flushing the L1 data cache on context switches as another safeguard against the ever-increasing CPU vulnerabilities.
The motivation for flushing the L1d cache on context switches comes from Intel's data sampling vulnerabilities, and this safeguard would be an opt-in feature for those paranoid about system security. Flushing the L1 cache would ensure the data is not snooped or leaked following a context switch, but all of that cache flushing could significantly hamper system performance.
A second version of this optional L1 data cache flushing on context switching was sent out this week. Amazon's Balbir Singh noted, "This patch is a continuation of RFC/PoC to start the discussion on optionally flushing L1D cache. The goal is to allow tasks that are paranoid due to the recent snoop assisted data sampling vulnerabilities, to flush their L1D on being switched out. This protects their data from being snooped or leaked via side channels after the task has context switched out."
Based on feedback on the initial proof-of-concept code, this feature is being advanced, with at least some expressing interest in the functionality. Also brought up earlier was the possibility of flushing the L1 cache prior to switching into a new task, to ensure nothing nefarious is residing within the L1 cache, but that aspect isn't being pursued for the moment.
Those wanting to explore this optional L1d flushing on context switching can do so via this kernel mailing list thread.