This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: Spectre mitigations in CPython interpreter
Type: security Stage: resolved
Components: Interpreter Core Versions: Python 3.10
Status: closed Resolution: not a bug
Dependencies: Superseder:
Assigned To: Nosy List: gregory.p.smith, sahnaseredini, serhiy.storchaka, vstinner
Priority: normal Keywords:

Created on 2020-11-11 11:19 by sahnaseredini, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Messages (4)
msg380748 - (view) Author: Amir Naseredini (sahnaseredini) Date: 2020-11-11 11:19
I was looking up everywhere and could not find any mitigations for Spectre attack by a Python interpreter(CPython)! I don't know if my question is correct or how feasible it is, but does anyone know if there are any mitigations for different variants of Spectre attacks Specter v1 (Spectre-PHT), v2 (Spectre-BTB), v4 (Spectre-STL) and v5 (Spectre-RSB) at the interpreter level for Python?
Looking forward to hearing from you guys :)
msg380749 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2020-11-11 11:20
You can try to use a C compiler which implements workarounds, but I don't think that anything should be done directly in CPython.
msg380760 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2020-11-11 13:55
AFAIK Spectre attacks rely on precise time measures. But Python is very far from bare hardware. Pure Python code is 10-100 times slower than compiled C or jitted JavaScript, and the variance is high, so it is hard to get stable results in benchmarks. Simple a=b+c can causes execution of hundreds or thousands of microprocessor instructions, numerous memory read and write operations, calling many subroutines, memory allocations and deallocations.

I have doubts that it is practical to use Spectre attacks on pure Python.

Of course, if you use high-performance extensions to work with sensitive data, they can be vulnerable to attack if the attacker code is in the other extension. You can counteract this by building that extensions with a C compiler which implements workarounds.
msg388598 - (view) Author: Gregory P. Smith (gregory.p.smith) * (Python committer) Date: 2021-03-13 09:48
Compiling everything (your entire OS and libraries and CPython itself) with compiler mitigations is recommended.  I agree, there is nothing specific we need to do within CPython itself.
Date User Action Args
2022-04-11 14:59:38adminsetgithub: 86488
2021-03-13 09:48:27gregory.p.smithsetstatus: open -> closed

nosy: + gregory.p.smith
messages: + msg388598

resolution: not a bug
stage: resolved
2020-11-11 13:55:13serhiy.storchakasetnosy: + serhiy.storchaka
messages: + msg380760
2020-11-11 11:20:06vstinnersetnosy: + vstinner
messages: + msg380749
2020-11-11 11:19:11sahnaseredinicreate