Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1536773686.3240.9.camel@linux.intel.com>
Date: Wed, 12 Sep 2018 10:34:46 -0700
From: Kristen C Accardi <kristen@...ux.intel.com>
To: Jann Horn <jannh@...gle.com>
Cc: Kernel Hardening <kernel-hardening@...ts.openwall.com>
Subject: Re: [RFC PATCH] x86: entry: flush the cache if syscall error

On Tue, 2018-09-11 at 20:02 +0200, Jann Horn wrote:
> On Mon, Sep 10, 2018 at 9:14 PM Kristen Carlson Accardi
> <kristen@...ux.intel.com> wrote:
> > This patch aims to make it harder to perform cache timing attacks
> > on data
> > left behind by system calls. If we have an error returned from a
> > syscall,
> > flush the L1 cache.
> 
> How much protection does this provide, given that it e.g. doesn't
> flush L2/L3 and doesn't prevent data leakage through hyperthreading
> and cache coherency? Is an L2/L3-based attack expected to be harder
> than an L1D-based one?

My reasoning here is that L2/L3 caches can be partitioned using
something like CAT (maybe), but L1 cannot. So IMO L1 is the case that
needs coverage. Also, while this doesn't address a specific exploit,
the idea is that attacks on data in L1D are more common, and the
performance penalty for L2/L3 flushes would be too high without a
specific exploit in mind.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.