|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2019-01-17 17:04:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
[$] Defending against page-cache attacks
The kernel's page cache works to improve performance by minimizing disk I/O
and increasing the sharing of physical memory. But, like other
performance-enhancing techniques that involve resources shared across
security boundaries, the page cache can be abused as a way to extract
information that should be kept secret. A recent paper [PDF] by Daniel Gruss
and colleagues showed how the page cache can be targeted for a number of
different attacks, leading to an abrupt change in how the
mincore() system call works at the end
of the 5.0 merge window. But subsequent discussion has made it clear
that mincore() is just the tip of the iceberg; it is unclear what
will really need to be done to protect a system against page-cache attacks
or what the performance cost might be.
The kernel's page cache works to improve performance by minimizing disk I/O
and increasing the sharing of physical memory. But, like other
performance-enhancing techniques that involve resources shared across
security boundaries, the page cache can be abused as a way to extract
information that should be kept secret. A recent paper [PDF] by Daniel Gruss
and colleagues showed how the page cache can be targeted for a number of
different attacks, leading to an abrupt change in how the
mincore() system call works at the end
of the 5.0 merge window. But subsequent discussion has made it clear
that mincore() is just the tip of the iceberg; it is unclear what
will really need to be done to protect a system against page-cache attacks
or what the performance cost might be.
