Linux May Gain Protection Against Hyper-Threading Attacks
Oracle security researchers have been working on security feature for Linux kernels that could protect Linux-based systems against attacks that affect Intel's Hyper-Threading (HT) feature. Multiple side-channel threats the feature's vulnerable against, including L1TF/Foreshadow and the MDS attacks, have been revealed over the past few months.
The Oracle developers didn't specify whether or not the recent MDS[*] attacks against Intel's HT would also be mitigated through its Kernel Address Space Isolation (KASI), only that it will protect against L1TF/Foreshadow. Other side-channel attacks seem to be up for debate, as any extra isolation being introduced into the kernel could potentially impact the performance of Linux systems.
[...] They're now looking for suggestions on how to improve the feature before they attempt to merge it into an official release of the Linux kernel.
[*] MDS — Microarchitectural Data Sampling. See the explanation by Intel and an in-depth description and analysis at https://mdsattacks.com/.
(Score: 0) by Anonymous Coward on Wednesday July 17 2019, @12:02PM
British name for toilet.