Linux Foundation

MDS, Fallout, Zombieland & Linux

Linux Foundation via YouTube

Overview

Explore a keynote address by Greg Kroah-Hartman, Linux Kernel Developer and Fellow at The Linux Foundation, delving into critical CPU hardware vulnerabilities known as MDS, Fallout, and Zombieland. Learn about the intricacies of these security flaws, their impact on Intel CPUs' speculative execution model, and the potential for cross-program and cross-virtual machine data breaches. Discover the kernel and BIOS fixes implemented to address these issues, including the controversial decision to disable SMT for Intel chips. Gain insights into the specific exploits like RIDL, Fallout, and Zombieload, understanding their mechanisms and the mitigations put in place. Examine the performance implications of these security measures and the importance of updating kernels and BIOS. Understand the collaborative efforts between kernel developers and OS vendors in addressing these vulnerabilities, and recognize the critical need for using supported Linux distribution kernels or stable/longterm kernels to maintain system security.

Syllabus

Keynote: MDS, Fallout, Zombieland & Linux
MDS == "RIDL", "Fallout", "Zombieload", and others • CPU hardware bugs • Variants of the same basic problem • Exploits the speculative execution model of Intel CPUs • Discovered by many different research teams • Kernel and BIOS fixes required to fully solve
One program can read another program's data • Can cross the virtual machine boundary • Exploits "hyper threading" (SMT) issues - SMT are CPUs that usually share TLBs and L1 cache
Guessed more problems would be in this area • Disabled SMT for Intel chips in June 2018 • Repeated the plea to disable this in August 2018 • Prevented almost all MDS issues automatically • Security over performance • Huge respect!
Rogue-Inflight-Data-Load • Exploits CPU Line-fill buffers and Load ports • Steal data across applications, virtual machines, secure enclaves • Kernel fix by flushing CPU buffers/ports on context switch
Fallout • Exploits CPU Store Buffers • Read kernel data from userspace • Breaks ASLR (random kernel addresses) • "Meltdown" mitigation made this easier to exploit • Kernel fix by flushing CPU buffers on context switch
Exploits CPU Line-Fill buffers • Much like RIDL • Steal data across applications, virtual machines, secure enclaves • Cool logo/name and demo • Kernel fix by flushing CPU buffers on context switch
All of these mitigations slow down the system • No way yet to schedule different security domains on different physical processors (gang scheduling) • Disabling SMT mitigates most problems (not ALL!) • Must disable SMT and enable mitigations to solve completely.
Kernel fixes available on announcement date • Intel notified some kernel developers in advance • Worked together across OS vendors to solve • Much better than Spectre/Meltdown • Process still needs to improve, Debian notified 48 hours before release • More fixes came after announcement • Update your kernel and BIOS!
If you are not using a supported Linux distribution kernel, or a stable / longterm kernel, you have an insecure system.

Taught by

Linux Foundation
