Core Scheduling Looks Like It Will Be Ready For Linux 5.14 To Avoid Disabling SMT/HT

Written by Michael Larabel in Linux Security on 12 May 2021 at 10:21 AM EDT.
It looks like the years-long effort around CPU core scheduling, worked on by multiple vendors in light of CPU security vulnerabilities threatening SMT/HT security, will be mainlined later this summer with Linux 5.14.

Linux core scheduling has been worked on by pretty much all of the hyperscalers and public cloud providers to improve security without disabling Hyper Threading. Core scheduling is ultimately about what resources can share a CPU core and ensuring potentially unsafe tasks don't run on a sibling thread of a trusted task.

By ensuring trusted and untrusted tasks don't share a core by way of HT/SMT, they can more comfortably keep Hyper Threading enabled, which is particularly important for public cloud providers given the number of "vCPUs" they can offer per server.

Core scheduling should be effective at mitigating user-space to user-space and user-to-kernel attacks when the functionality is properly used. The default kernel policy for how tasks are scheduled will not change, though; it is up to the administrator to identify tasks that can or cannot share CPU resources.

Today, just days after the closure of the Linux 5.13 merge window, tip/tip's sched/core branch has now picked up Oracle's core scheduling patches. Now that the Oracle core-scheduling patches have reached sched/core, it means we are very likely to see this in turn mainlined for Linux 5.14 once that next kernel cycle opens.

As mentioned, this doesn't change default behavior of the kernel. The core scheduling behavior can be manipulated via a prctl() interface for interested parties.
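
As an added illustration (not code from the article or from the kernel patches), here is how a launcher could use that prctl() interface to give its own process a unique core-scheduling cookie, so that only tasks carrying the same cookie run on its SMT siblings. The PR_SCHED_CORE constants are the values in the mainline uapi header; the cs_* names are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>

/* Values from the mainline uapi <linux/prctl.h>; defined here for older headers. */
#ifndef PR_SCHED_CORE
#define PR_SCHED_CORE        62
#define PR_SCHED_CORE_GET    0
#define PR_SCHED_CORE_CREATE 1
#endif
#define CS_PIDTYPE_PID  0UL  /* scope: a single thread */
#define CS_PIDTYPE_TGID 1UL  /* scope: the whole thread group (process) */

/* Hypothetical status codes for this example. */
enum cs_status { CS_OK, CS_NO_SMT, CS_UNSUPPORTED, CS_DENIED, CS_ERROR };

/* Map a prctl(PR_SCHED_CORE) errno to a reason an operator can act on. */
enum cs_status cs_classify(int err)
{
    switch (err) {
    case 0:      return CS_OK;
    case ENODEV: return CS_NO_SMT;      /* SMT absent or off: no sibling to share with */
    case EINVAL: return CS_UNSUPPORTED; /* kernel without core scheduling, or bad args */
    case EPERM:  return CS_DENIED;      /* caller may not modify the target task */
    default:     return CS_ERROR;
    }
}

/* Give the calling process a fresh cookie, then read it back into *cookie. */
enum cs_status cs_isolate_self(unsigned long long *cookie)
{
    *cookie = 0;
    /* pid 0 means the caller; CREATE requires the last argument to be 0. */
    if (prctl(PR_SCHED_CORE, PR_SCHED_CORE_CREATE, 0UL, CS_PIDTYPE_TGID, 0UL) == -1)
        return cs_classify(errno);
    /* GET only accepts thread scope and an 8-byte aligned destination. */
    if (prctl(PR_SCHED_CORE, PR_SCHED_CORE_GET, 0UL, CS_PIDTYPE_PID,
              (unsigned long)cookie) == -1)
        return cs_classify(errno);
    return CS_OK;
}

int main(void)
{
    unsigned long long cookie;
    enum cs_status st = cs_isolate_self(&cookie);
    printf("status=%d cookie=%#llx\n", (int)st, cookie);
    /* A launcher would fork the untrusted workload here; children inherit the cookie. */
    return st == CS_OK ? 0 : 1;
}
```

On a kernel without core scheduling, or with SMT disabled, the call fails and the status says which, so the launcher can decide whether to refuse to start the workload.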