[$] Fixing page-cache side channels, second attempt

Post Syndicated from corbet original https://lwn.net/Articles/778437/rss

The kernel’s page cache, which holds copies of data stored in filesystems,
is crucial to the performance of the system as a whole. But, as has
recently been
demonstrated, it can also be exploited to learn about what other users
in the system are doing and extract information that should be kept
secret. In January, the behavior of the mincore()
system call was
changed in an attempt to close this vulnerability, but that solution was
shown to break existing applications while not fully solving the problem.
A better solution will have to wait for the
5.1 development cycle, but the shape of the proposed changes has started to
come into focus.