Torvalds Blasts "Beyond Stupid" Flushing L1d On Context Switches - Reverts Code For Now

Among the initial set of changes merged today for Linux 5.8 was the x86/mm material, which included the controversial feature of opt-in flushing of the L1 data cache on context switches. Linus Torvalds ended up reverting this functionality because, for now at least, he views it as crazy.

While this feature is opt-in via new prctl options, not enabled by default, and done in the name of helping those concerned about snoop-assisted data sampling vulnerabilities, cache leakage via side channels, and yet-to-be-uncovered CPU vulnerabilities, Linux creator Linus Torvalds is for the time being not convinced.

Original:

  • Re: [GIT PULL] x86/mm changes for v5.8
    >  - Provide an opt-in (prctl driven) mechanism to flush the L1D cache on context switch.
    >    The goal is to allow tasks that are paranoid due to the recent snoop assisted data
    >    sampling vulnerabilities, to flush their L1D on being switched out.
    
    Am I mis-reading this?
    
    Because it looks to me like this basically exports cache flushing
    instructions to user space, and gives processes a way to just say
    "slow down anybody else I schedule with too".
    
    I don't see a way for a system admin to say "this is stupid, don't do it".
    
    In other words, from what I can tell, this takes the crazy "Intel
    ships buggy CPU's and it causes problems for virtualization" code
    (which I didn't much care about), and turns it into "anybody can opt
    in to this disease, and now it affects even people and CPU's that
    don't need it and configurations where it's completely pointless".
    
    To make matters worse, it has that SW flushing fallback that isn't
    even architectural from what I remember of the last time it was
    discussed, but most certainly will waste a lot of time going through
    the motions that may or may not flush the L1D after all.
    
    I don't want some application to go "Oh, I'm _soo_ special and pretty
    and such a delicate flower, that I want to flush the L1D on every task
    switch, regardless of what CPU I am on, and regardless of whether
    there are errata or not".
    
    Because that app isn't just slowing down itself, it's slowing down others too.
    
    I have a hard time following whether this might all end up being
    predicated on the STIBP static branch conditionals and might thus at
    least be limited only to CPU's that have the problem in the first
    place.
    
    But I ended up unpulling it because I can't figure that out, and the
    explanations in the commits don't clarify (and do imply that it's
    regardless of any other errata, since it's for "undiscovered future
    errata").
    
    Because I don't want a random "I can make the kernel do stupid things"
    flag for people to opt into. I think it needs a double opt-in.
    
    At a _minimum_, SMT being enabled should disable this kind of crazy
    pseudo-security entirely, since it is completely pointless in that
    situation. Scheduling simply isn't a synchronization point with SMT
    on, so saying "sure, I'll flush the L1 at context switch" is beyond
    stupid.
    
    I do not want the kernel to do things that seem to be "beyond stupid".
    
    Because I really think this is just PR and pseudo-security, and I
    think there's a real cost in making people think "oh, I'm so special
    that I should enable this".
    
    I'm more than happy to be educated on why I'm wrong, but for now I'm
    unpulling it for lack of data.
    
    Maybe it never happens on SMT because of all those subtle static
    branch rules, but I'd really like that to be explained.
    
                        Linus
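
The conditions the mail above asks for (a second, administrator-side opt-in, no flushing while SMT is on, and only on CPUs that have the problem), written as a read-only host check. This is an added example, not kernel code or anything from the thread; the administrator flag is a hypothetical argument, and using the `l1tf` entry under `/sys/devices/system/cpu/vulnerabilities` as the "CPU is affected" signal is an assumption.

```shell
#!/bin/sh
# Added illustration: evaluates the gating conditions argued for in the mail.
# It only reads sysfs; it does not flush anything and does not call prctl.

# Print the first line of a sysfs file, or "unknown" if it cannot be read.
read_attr() {
    if [ -r "$1" ]; then
        head -n 1 "$1"
    else
        echo unknown
    fi
}

# l1d_flush_verdict ROOT ADMIN_OPT_IN TASK_OPT_IN
#   ROOT          cpu sysfs directory (normally /sys/devices/system/cpu)
#   ADMIN_OPT_IN  1 if the administrator allowed the feature (hypothetical knob)
#   TASK_OPT_IN   1 if the task itself asked for the flush
# Prints one verdict line; returns 0 only when a flush would be honoured.
l1d_flush_verdict() {
    root=$1 admin=$2 task=$3
    smt=$(read_attr "$root/smt/active")
    # Assumption: the l1tf entry stands in for "this CPU has the problem".
    vuln=$(read_attr "$root/vulnerabilities/l1tf")

    if [ "$task" != 1 ]; then
        echo "no-flush: task did not opt in"; return 1
    fi
    if [ "$admin" != 1 ]; then
        echo "no-flush: administrator did not opt in"; return 1
    fi
    case $smt in
        0) ;;
        1) echo "no-flush: SMT active, scheduling is not a synchronization point"
           return 1 ;;
        *) echo "no-flush: SMT state unknown"; return 1 ;;
    esac
    case $vuln in
        "Not affected") echo "no-flush: CPU reports not affected"; return 1 ;;
        unknown)        echo "no-flush: CPU status unknown"; return 1 ;;
    esac
    echo "flush: double opt-in, SMT off, CPU affected ($vuln)"
}

# Evaluate the live host; ADMIN and TASK default to 0 (no opt-in).
l1d_flush_verdict "${CPU_SYSFS:-/sys/devices/system/cpu}" "${ADMIN:-0}" "${TASK:-0}" || true
```
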
    

Beyond Stupid...

Now that's the Linus I remember and love!

Exercising his freedom of speech

Big changes could be coming to Linux programming

  • Big changes could be coming to Linux programming

    After recently making the switch from Intel to AMD, Linus Torvalds has come out against 80-character-lines as a de facto programming standard.

    As reported by The Register, Torvalds shared his thoughts on the topic of line lengths in a recent Linux kernel clean-up post where he argued that limiting lines to 80 characters makes for lots of line breaks. Others have argued that 80-character lines are a long-standing convention that should remain in place due to the fact that large monitors can handle many small windows when column width is limited.

Linus Torvalds rejects 'beyond stupid' AWS-made Linux patch

  • Linus Torvalds rejects 'beyond stupid' AWS-made Linux patch for Intel CPU Snoop attack

    Linux kernel head Linus Torvalds has trashed a patch from Amazon Web Services (AWS) engineers that was aimed at mitigating the Snoop attack on Intel CPUs discovered by an AWS engineer earlier this year.

    The so-called 'Snoop-assisted L1 Data Sampling', or Snoop (CVE-2020-0550) attacks affecting a range of Intel Xeon and Core CPUs were disclosed in March.

    AWS engineer Pawel Wieczorkiewicz discovered a way to leak data from an Intel CPU's memory via its L1D cache, which sits in CPU cores, through 'bus snooping' – the cache updating operation that happens when data is modified in L1D.
