L1d Cache Flush On Context Switch Moves Forward For Linux In Light Of Vulnerabilities

Written by Michael Larabel in Linux Security on 6 April 2020 at 08:00 AM EDT. 4 Comments
A patch series sent out just under one month ago provided opt-in L1 data cache flushing on context switch. That work has now been revised again, and with documentation added it is clear that it is being done in response to a recently published CVE.

The patches, originally sent out by an Amazon engineer, characterized the work as being for applications that are "paranoid due to the recent snoop assisted data sampling vulnerabilities, to flush their L1D on being switched out. This protects their data from being snooped or leaked via side channels after the task has context switched out."

The patches for this optional L1d cache flushing on context switch were revised at the end of March. At that point the feature was still advertised as something for "paranoid" users.

This morning a new version of the patches was posted. With the documentation added, the intended audience is now clearly broader than just "paranoid" users. In particular, this L1d flushing on context switch is said to address CVE-2020-0550.

CVE-2020-0550 was made public by Intel in March but did not receive as much attention as, say, the Load Value Injection (LVI) vulnerability that was made public on the same disclosure day. CVE-2020-0550 is described as "Improper data forwarding in some data cache for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."

Intel's deep dive on the vulnerability notes that past L1TF mitigations can help and that "snoop-assisted L1D sampling can be mitigated by flushing the L1D cache between when secrets are accessed and when possibly malicious software runs on the same core." That is exactly what this L1d cache flushing patch series for the Linux kernel aims to provide. Affected Intel CPUs span from Sandy Bridge through Comet Lake, Ice Lake and Atom P5900 Tremont.

Today's updated patches also hint that additional vulnerabilities in this class may be on the way, mentioning "an increasing number of vulnerabilities being reported around data leaks from L1D" and "At the present moment, the following CVEs..."

In any case, this patch series continues to be tweaked and will presumably reach the mainline Linux kernel in the near future. Again, this L1 data cache flushing on context switch is not enabled by default; software that wants it must opt in with the new ARCH_SET_L1D_FLUSH via arch_prctl. This would seemingly be recommended for any application dealing with secrets or running where potentially malicious code shares the same CPU core, but we will see how ARCH_SET_L1D_FLUSH ends up being adopted by upstream programs. At least from today's patches it is clear the work is relevant to more than just the previously mentioned "paranoid" users. I'll be working on some benchmarks with a modified patch shortly.
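As an added example (not code from the article or from the patch series itself), this is how a program that handles secrets would opt in at startup and degrade gracefully when the kernel or CPU lacks the feature. The ARCH_SET_L1D_FLUSH subfunction name is from the patches, but the numeric fallback value here is an assumption to be checked against the kernel's uapi/asm/prctl.h once the series lands.

```c
/* Opt a secret-handling task in to L1D flushing on context switch via
 * arch_prctl(ARCH_SET_L1D_FLUSH). Assumed numeric value below: verify it
 * against the kernel's uapi/asm/prctl.h for the version of the series you run. */
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>

#ifndef ARCH_SET_L1D_FLUSH
#define ARCH_SET_L1D_FLUSH 0x1018 /* assumption: value used by the posted patches */
#endif

enum l1d_status { L1D_FLUSH_ENABLED = 0, L1D_FLUSH_UNSUPPORTED = 1, L1D_FLUSH_ERROR = 2 };

/* Map the errno of a failed arch_prctl call to an outcome the caller can act on:
 * an unknown subfunction (EINVAL), a missing syscall (ENOSYS) or a CPU without
 * the feature (ENOTSUP) means "not available here"; anything else is a real error. */
enum l1d_status classify_l1d_errno(int err)
{
    if (err == EINVAL || err == ENOSYS || err == ENOTSUP)
        return L1D_FLUSH_UNSUPPORTED;
    return L1D_FLUSH_ERROR;
}

/* Ask the kernel to flush this task's L1D whenever it is switched out. The
 * interface is x86-64 specific, so other architectures report unsupported. */
enum l1d_status l1d_flush_opt_in(void)
{
#if defined(__x86_64__) && defined(SYS_arch_prctl)
    if (syscall(SYS_arch_prctl, ARCH_SET_L1D_FLUSH, 1UL) != 0)
        return classify_l1d_errno(errno);
    return L1D_FLUSH_ENABLED;
#else
    return L1D_FLUSH_UNSUPPORTED;
#endif
}

int main(void)
{
    switch (l1d_flush_opt_in()) {
    case L1D_FLUSH_ENABLED:     puts("L1D flush on context switch enabled"); break;
    case L1D_FLUSH_UNSUPPORTED: puts("L1D flush opt-in not available on this kernel/CPU"); break;
    default:                    perror("arch_prctl(ARCH_SET_L1D_FLUSH)"); return 1;
    }
    return 0; /* secrets are handled from here on with the flush in effect, if enabled */
}
```

A kernel without the series rejects the unknown subfunction with EINVAL, which the program treats as "unsupported" rather than a fatal error, so the same binary runs unchanged on patched and unpatched kernels.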
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.