OpenBSD disables Hyper-Threading over security concerns

June 20, 2018 // 11:20 a.m.

Tags: #hyper-threading #meltdown #multi-threading #side-channel-attack #simultaneous-multi-threading #smt #spectre #threads

Companies: #intel #openbsd

OpenBSD, the security-focused, BSD-based, open-source operating system, has announced that it is to disable Intel's Hyper-Threading (HT) technology in its latest release over concerns it could make exploitation of Spectre-style attacks easier.

The discovery of side-channel attacks relating to speculative execution systems added to modern processors to boost performance, announced to the public earlier this year under the codenames Meltdown and Spectre, has caused the industry no small number of headaches. While current and next-generation silicon is known to still be vulnerable to at least some of the attack methods currently known, microcode and software patches have mitigated most of the threat - but now it looks like Intel's Hyper-Threading technology may undo that mitigation.

In a commit message to the project's source code versioning system, first spotted by Bleeping Computer, OpenBSD's Mark Kettinis describes a patch which completely disables Hyper-Threading on all equipped Intel processors - and promises that similar patches for other manufacturers' equivalents will be forthcoming.

'SMT (Simultanious [sic] Multi Threading) implementations typically share TLBs [translation lookaside buffers] and L1 caches between threads. This can make cache timing attacks a lot easier and we strongly suspect that this will make several Spectre-class bugs exploitable,' Kettinis explains of his patch. 'Especially on Intel's SMT implementation which is better known as Hypter-threading [sic]. We really should not run different security domains on different processor threads of the same core. Unfortunately changing our scheduler to take this into account is far from trivial. Since many modern machines no longer provide the ability to disable Hyper-threading in the BIOS setup, [we now] provide a way to disable the use of additional processor threads in our scheduler. And since we suspect there are serious risks, we disable them by default. This can be controlled through a new hw.smt sysctl. For now this only works on Intel CPUs when running OpenBSD/amd64. But we're planning to extend this feature to CPUs from other vendors and other hardware architectures.'

While the new system call allows users to turn Hyper-Threading, which allows a single CPU core to run two threads simultaneously and is common to many of Intel's chips, on and off, Kettinis' warning is stark - and comes with the advice that 'SMT doesn't necessarily have a posive [sic] effect on performance; it highly depends on the workload. In all likelyhood [sic] it will actually slow down most workloads if you have a CPU with more than two cores.'

Kettinis has not shared whether he has or knows of a functional exploit against Hyper-Threading for unauthorised data access, and Intel has yet to comment publicly on the move to disable HT by default in OpenBSD.

UPDATE 20180621:

Intel has been in touch to confirm it is investigating Kettinis' claims surrounding the potential security issues in Hyper-Threading, though has not provided details. 'Protecting our customers and their data continues to be a critical priority for us,' a company spokesperson tells us. 'We are looking into this feedback and thank the community for their ongoing efforts.'

Discuss this in the forums


Week in review