Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 22 Jun 2018 14:08:03 +1000
From: Michael Ellerman <mpe@...erman.id.au>
To: Solar Designer <solar@...nwall.com>, oss-security@...ts.openwall.com
Subject: Re: Intel hyper-threading security issues

Solar Designer <solar@...nwall.com> writes:
> On Thu, Jun 21, 2018 at 01:54:16PM +0200, Sven Schwedas wrote:
>> On 2018-06-21 12:28, Lukas Odzioba wrote:
>> > Or use cpu hotplug mechanism, which should be way more convenient:
>> > https://www.kernel.org/doc/html/v4.17/core-api/cpu_hotplug.html
>> 
>> Hotplug doesn't seem differentiate between HT threads and physical
>> cores,
>
> This isn't exactly the question to ask: first vs. second thread in a
> core aren't any different, neither of them is "the physical core" unless
> you choose not to use the other.
>
> And you can obtain the needed information from /proc/cpuinfo or
> /sys/devices/system/cpu/cpu*/topology/* to choose which logical CPUs you
> disable (so that you leave only one per physical core).
>
> On a related note, attached is a generic Linux /proc/cpuinfo parser I

I guess by "generic" you mean Intel & AMD? :)

It won't work on powerpc, or arm, or arm64 ...

You should be able to determine all of the info you need from the sysfs
topology files, which work across arches.

See the script below for example, which shows CPUs grouped by core.

cheers


#!/usr/bin/python3

import os
import glob

by_core = {}

for path in glob.iglob('/sys/devices/system/cpu/cpu*/topology/core_id'):
    num = int(path.split('/')[5].replace('cpu', ''))
    core_id = int(open(path).read(), 10)
    by_core.setdefault(core_id, []).append(num)

for core in sorted(by_core.keys()):
    print('%d: %s' % (core, ', '.join([str(s) for s in sorted(by_core[core])])))

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ