Opt-In L1 Cache Flushing To Try For Linux 5.15 To Help With The Paranoid, Future CPU Vulnerabilities
Patches out of Amazon, in the works for more than a year, allow opt-in flushing of the L1 data cache on context switch. The L1d flush is done in the name of greater security given the various CPU speculative execution hardware vulnerabilities of recent years, and as protection against possible future ones. After an attempt to get the code merged last summer, Linus Torvalds called it "beyond stupid" and reverted it, but a revised form has now been submitted for Linux 5.15.
Linus Torvalds criticized the initial form of this L1d cache flushing for the paranoid as poorly engineered: its software flushing fallback might not even flush the L1 data cache in some instances, applications could abuse the interface, and the flushing would hurt the performance of other applications. Those issues, along with other criticism from Linus, led him to revert it shortly after it was originally sent in for Linux 5.8.
Since then the code has been revised so that it should now be less "stupid". The opt-in L1d cache flushing now requires a special boot flag (l1d_flush=on) before it can be enabled at run-time at all, the L1d flushing is disabled for CPUs not affected by the Intel L1TF Foreshadow vulnerability, and the previously criticized L1d software flushing fallback path has been removed.
In now trying to sell this opt-in, per-application L1 data cache flush on context switch to Linus Torvalds, the pull request sums it up as, "A stop gap for potential future speculation related hardware vulnerabilities and a mechanism for truly security paranoid applications. It allows a task to request that the L1D cache is flushed when the kernel switches to a different mm. This can be requested via prctl()."
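To show what that prctl() opt-in looks like from the application side, here is an added example; it is not code from the article or from the Amazon patch series. It assumes the prctl(2) interface in the form that reached mainline for Linux 5.15: PR_SET_SPECULATION_CTRL / PR_GET_SPECULATION_CTRL with the PR_SPEC_L1D_FLUSH selector, which is how a secret-handling process asks the kernel to flush L1D whenever it switches away from that process's mm. Because the feature is gated on the l1d_flush=on boot flag and on the CPU being affected, the program reports every outcome instead of treating a refusal as fatal.

```c
/* Added example (not from the article or the kernel patch series): a
 * userspace program that opts its own task into L1D flushing on mm switch
 * via prctl(), then reads the per-task state back and explains it.
 * Assumes the PR_SPEC_L1D_FLUSH selector of PR_SET/GET_SPECULATION_CTRL. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

/* Fallbacks for older UAPI headers; values match include/uapi/linux/prctl.h. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#endif
#ifndef PR_SPEC_L1D_FLUSH
#define PR_SPEC_L1D_FLUSH 2
#endif
#ifndef PR_SPEC_NOT_AFFECTED
#define PR_SPEC_NOT_AFFECTED 0
#define PR_SPEC_PRCTL (1UL << 0)
#define PR_SPEC_ENABLE (1UL << 1)
#define PR_SPEC_DISABLE (1UL << 2)
#define PR_SPEC_FORCE_DISABLE (1UL << 3)
#endif

/* Ask the kernel to flush L1D whenever it switches away from this task's mm.
 * Returns 0 on success or -errno: EPERM when the kernel was booted without
 * l1d_flush=on, ENODEV/EINVAL when the kernel predates the interface. */
int request_l1d_flush(void)
{
    if (prctl(PR_SET_SPECULATION_CTRL, (unsigned long)PR_SPEC_L1D_FLUSH,
              (unsigned long)PR_SPEC_ENABLE, 0UL, 0UL) == -1)
        return -errno;
    return 0;
}

/* Read back the per-task state: the kernel's PR_SPEC_* bits (>= 0), or
 * -errno if the query itself is rejected. */
long query_l1d_flush(void)
{
    int r = prctl(PR_GET_SPECULATION_CTRL, (unsigned long)PR_SPEC_L1D_FLUSH,
                  0UL, 0UL, 0UL);
    return r == -1 ? -errno : r;
}

/* Translate a PR_GET_SPECULATION_CTRL result into a human-readable state. */
const char *describe_l1d_flush(long state)
{
    if (state < 0)
        return "query rejected (interface not available)";
    if (state == PR_SPEC_NOT_AFFECTED)
        return "CPU not affected, no flush needed";
    if (state & PR_SPEC_FORCE_DISABLE)
        return "disabled: kernel booted without l1d_flush=on";
    if ((state & PR_SPEC_PRCTL) && (state & PR_SPEC_ENABLE))
        return "enabled: L1D flushed on mm switch for this task";
    if ((state & PR_SPEC_PRCTL) && (state & PR_SPEC_DISABLE))
        return "available but not enabled for this task";
    return "unrecognised state";
}

int main(void)
{
    int rc = request_l1d_flush();
    if (rc)
        printf("opt-in refused: %s\n", strerror(-rc));
    printf("L1D flush state for this task: %s\n",
           describe_l1d_flush(query_l1d_flush()));
    return 0;
}
```

The request only succeeds on an affected CPU with l1d_flush=on on the kernel command line; everywhere else the SET call fails with EPERM and the GET call reports the force-disabled state, which is the safe thing for a secret-handling daemon to log and carry on from. In the merged version a task that has opted in is also sent SIGBUS if it is scheduled onto a core with an active SMT sibling, because the sibling shares the L1D and the flush would be pointless there, so an opted-in process should be pinned to cores where SMT is off.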
We'll see what Linus Torvalds thinks of it this time around and whether it will make it into Linux 5.15.