Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 22 Jun 2018 16:16:05 +0200
From: Solar Designer <solar@...nwall.com>
To: Michael Ellerman <mpe@...erman.id.au>
Cc: oss-security@...ts.openwall.com
Subject: Re: Intel hyper-threading security issues

On Fri, Jun 22, 2018 at 02:08:03PM +1000, Michael Ellerman wrote:
> Solar Designer <solar@...nwall.com> writes:
> > you can obtain the needed information from /proc/cpuinfo or
> > /sys/devices/system/cpu/cpu*/topology/* to choose which logical CPUs you
> > disable (so that you leave only one per physical core).
> >
> > On a related note, attached is a generic Linux /proc/cpuinfo parser
> 
> I guess by "generic" you mean Intel & AMD? :)

Actually, I meant not making any assumptions about the ordering of
logical CPUs, which I saw vary even between similar systems.  But you're
right - this is x86-specific - should work on Linux kernels built for
i686, x86_64, k1om (aka MIC), tested starting with RHEL5'ish systems.
The sysfs approach is probably preferable.

> It won't work on powerpc, or arm, or arm64 ...
> 
> You should be able to determine all of the info you need from the sysfs
> topology files, which work across arches.
> 
> See the script below for example, which shows CPUs grouped by core.

Thanks.  FWIW, your script does indeed work fine on GCC Compile Farm's
POWER7 box running CentOS 7.4:

[solar@...1-power7 ~]$ ./cpu.py
0: 0, 1, 2, 3
4: 4, 5, 6, 7
8: 8, 9, 10, 11
12: 12, 13, 14, 15
16: 16, 17, 18, 19
20: 20, 21, 22, 23
24: 24, 25, 26, 27
28: 28, 29, 30, 31
32: 32, 33, 34, 35
36: 36, 37, 38, 39
40: 40, 41, 42, 43
44: 44, 45, 46, 47
48: 48, 49, 50, 51
52: 52, 53, 54, 55
56: 56, 57, 58, 59
60: 60, 61, 62, 63

This is consistent with my benchmarks of different thread affinity
settings on that box (e.g., "GOMP_CPU_AFFINITY=0-63:4
OMP_NUM_THREADS=16" to use one thread per core in OpenMP).

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ