Date: Wed, 12 Sep 2018 10:34:46 -0700 From: Kristen C Accardi <kristen@...ux.intel.com> To: Jann Horn <jannh@...gle.com> Cc: Kernel Hardening <kernel-hardening@...ts.openwall.com> Subject: Re: [RFC PATCH] x86: entry: flush the cache if syscall error On Tue, 2018-09-11 at 20:02 +0200, Jann Horn wrote: > On Mon, Sep 10, 2018 at 9:14 PM Kristen Carlson Accardi > <kristen@...ux.intel.com> wrote: > > This patch aims to make it harder to perform cache timing attacks > > on data > > left behind by system calls. If we have an error returned from a > > syscall, > > flush the L1 cache. > > How much protection does this provide, given that it e.g. doesn't > flush L2/L3 and doesn't prevent data leakage through hyperthreading > and cache coherency? Is an L2/L3-based attack expected to be harder > than an L1D-based one? My reasoning here is that L2/L3 caches can be partitioned using something like CAT (maybe), but L1 cannot. So IMO L1 is the case that needs coverage. Also, while this doesn't address a specific exploit, the idea is that attacks on data in L1D are more common, and the performance penalty for L2/L3 flushes would be too high without a specific exploit in mind.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.