+cc Daniel Gruss On Tue, Nov 13, 2018 at 6:59 PM Pavel Tatashin <pasha.tatashin@xxxxxxxxxx> wrote: > On 18-11-13 15:23:50, Oleksandr Natalenko wrote: > > Hi. > > > > > Yep. However, so far, it requires an application to explicitly opt in > > > to this behavior, so it's not all that bad. Your patch would remove > > > the requirement for application opt-in, which, in my opinion, makes > > > this way worse and reduces the number of applications for which this > > > is acceptable. > > > > The default is to maintain the old behaviour, so unless the explicit > > decision is made by the administrator, no extra risk is imposed. > > The new interface would be more tolerable if it honored MADV_UNMERGEABLE: > > KSM default on: merge everything except when MADV_UNMERGEABLE is > excplicitly set. > > KSM default off: merge only when MADV_MERGEABLE is set. > > The proposed change won't honor MADV_UNMERGEABLE, meaning that > application programmers won't have a way to prevent sensitive data to be > every merged. So, I think, we should keep allow an explicit opt-out > option for applications. > > > > > > As far as I know, basically nobody is using KSM at this point. There > > > are blog posts from several cloud providers about these security risks > > > that explicitly state that they're not using memory deduplication. > > > > I tend to disagree here. Based on both what my company does and what UKSM > > users do, memory dedup is a desired option (note "option" word here, not the > > default choice). > > Lightweight containers is a use case for KSM: when many VMs share the > same small kernel. KSM is used in production by large cloud vendors. Wait, what? Can you name specific ones? Nowadays, enabling KSM for untrusted VMs seems like a terrible idea to me, security-wise. Google says at <https://cloud.google.com/blog/products/gcp/7-ways-we-harden-our-kvm-hypervisor-at-google-cloud-security-in-plaintext>: "Compute Engine and Container Engine are not vulnerable to this kind of attack, since they do not use KSM." An AWS employee says at <https://forums.aws.amazon.com/thread.jspa?threadID=238519&tstart=0&messageID=739485#739485>: "memory de-duplication is not enabled by Amazon EC2's hypervisor" In my opinion, KSM is fundamentally insecure for systems hosting multiple VMs that don't trust each other. I don't think anyone writes cryptographic software under the assumption that an attacker will be given the ability to query whether a given page of data exists anywhere else on the system.
