Stories
Slash Boxes
Comments

SoylentNews is people

Oracle Researchers Working on Linux Protection Against Hyper-Threading Attacks

posted by martyb on Wednesday July 17 2019, @05:22AM   Printer-friendly
from the trying-to-tie-up-some-loose-threads dept.

takyon writes:

Linux May Gain Protection Against Hyper-Threading Attacks

Oracle security researchers have been working on security feature for Linux kernels that could protect Linux-based systems against attacks that affect Intel's Hyper-Threading (HT) feature. Multiple side-channel threats the feature's vulnerable against, including L1TF/Foreshadow and the MDS attacks, have been revealed over the past few months.

The Oracle developers didn't specify whether or not the recent MDS[*] attacks against Intel's HT would also be mitigated through its Kernel Address Space Isolation (KASI), only that it will protect against L1TF/Foreshadow. Other side-channel attacks seem to be up for debate, as any extra isolation being introduced into the kernel could potentially impact the performance of Linux systems.

[...] They're now looking for suggestions on how to improve the feature before they attempt to merge it into an official release of the Linux kernel.

[*] MDS — Microarchitectural Data Sampling. See the explanation by Intel and an in-depth description and analysis at https://mdsattacks.com/.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Oracle Researchers Working on Linux Protection Against Hyper-Threading Attacks | Log In/Create an Account | Top | 6 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Interesting) by Anonymous Coward on Wednesday July 17 2019, @11:35AM (1 child)

    by Anonymous Coward on Wednesday July 17 2019, @11:35AM (#867941)

    Get ready for it, here it comes:
    Disable Hyperthreading.

    Really, in today's world of multicore processors, where systems of dual processors each with 4 or 8 cores are a common sight, does hyperthreading matter? Hylerthreading, this remnant of a world of single core processors, to give the illusion of multicore by sacrificing a bit of performance and power consumption?

    With anything I have worked, I disabled hyperthreading if the system had a total of 4 cores or more. And all worked at least the same performancewise, if not better. The systems I have done this one included database servers, webservers, application servers (java/jboss/wildfly), virtualisation hardware (used with xen, vmware and kvm/proxmox).

    Hyperthreading tech belongs in the museum in a world where true multicore systems exist.

    Starting Score:    0  points
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Total Score:   1  

  • (Score: 2) by jasassin on Wednesday July 17 2019, @09:03PM

    by jasassin (3566) <jasassin@gmail.com> on Wednesday July 17 2019, @09:03PM (#868218) Homepage Journal

    The systems I have done this one included database servers, webservers, application servers (java/jboss/wildfly), virtualisation hardware (used with xen, vmware and kvm/proxmox).

    I just read an article about disabling hyperthreading for web servers. It's supposed to be a lot faster. I think it was on a phoronix benchmark article.

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A