- Jul 1, 2017
- 1,396
- Content source
- https://www.chromium.org/chromium-os/mds-on-chromeos
Microarchitectural Data Sampling (MDS) refers to a set of speculative execution side-channel vulnerabilities which potentially allow results from previous execution on a core to be observed across security boundaries via microarchitectural state, on certain Intel CPUs outlined in an Intel advisory from May 15, 2019:
To protect users, Chrome OS 74 disables Hyper-Threading by default. For the majority of our users, whose workflows are primarily interactive, this mitigates the security risk of MDS without a noticeable loss of responsiveness. Chrome OS 75 will contain additional mitigations.
Users concerned about the performance loss, such as those running CPU intensive workloads, may enable Hyper-Threading on a per machine basis. The setting is located at
chrome://flags#scheduler-configuration
The "performance" setting chooses the configuration that enables Hyper-Threading.
The "conservative" setting chooses the configuration that disables Hyper-Threading.
A list of the affected devices is provided in the source.
To protect users, Chrome OS 74 disables Hyper-Threading by default. For the majority of our users, whose workflows are primarily interactive, this mitigates the security risk of MDS without a noticeable loss of responsiveness. Chrome OS 75 will contain additional mitigations.
Users concerned about the performance loss, such as those running CPU intensive workloads, may enable Hyper-Threading on a per machine basis. The setting is located at
chrome://flags#scheduler-configuration
The "performance" setting chooses the configuration that enables Hyper-Threading.
The "conservative" setting chooses the configuration that disables Hyper-Threading.
A list of the affected devices is provided in the source.
