# Core scheduling 重要名詞 * HT: [Hyper-Thread](https://en.wikipedia.org/wiki/Hyper-threading) , Intel 的專利，用於提升平行計算能力。 * SMP: Symmetric Multi-Processing， * SMT: Simultaneous Multithreading (Logical CPU) $\in$ Physical CPU * [Siblings CPU](https://linuxhunt.blogspot.com/2010/03/understanding-proccpuinfo.html) : 可以打開 `lstopo`，Physical core 上的兩條 logical cpu 就是 sibling CPU  https://docs.kernel.org/admin-guide/hw-vuln/core-scheduling.html > Using this feature, userspace defines groups of tasks that can be co-scheduled on the same core. The core scheduler uses this information to make sure that tasks that are not in the same group never run simultaneously on a core ... `cookie` 可以視為判斷是否為同一個 `group` 的依據，若兩個 $PID$ 有相同的 `cookie`，則可以被 co-schedule 在同一個核上，反之不行。 Each task that is tagged is assigned a cookie internally in the kernel. As mentioned in Usage, tasks with the same cookie value are assumed to trust each other and share a core. 在支援 SMT（例如 Intel Hyper-Threading）的處理器中，兩個 logical CPU（例如 CPU0 和 CPU1）可能同時跑在同一個 physical core 上，共享 L1/L2 cache、執行單元等資源。 這樣會導致潛在的 side-channel 攻擊風險： Process A 和 Process B 若同時被排到同一 physical core 上（不同 SMT thread），Process B 可能觀察 A 的 cache 使用、branch behavior、甚至某些 speculative execution 副作用 → 洩漏資料。 Core Scheduling 的出現就是為了解決這個問題。 -- ## sum up: core-scheduling 是在防止 side-channel 攻擊的機制 他會判斷 cookie 如果是同一個 cookie/group => 可以跑在同一個 physical core 上 反之，若沒有相同的 cookie，就不能跑在同一個 physical core上。可以想成如果 A,B 跑在同一個 CORE，A是好人，B是壞蛋，B就可以觀察A的 cache 使用的.... This interface provides support for the creation of core scheduling groups, as well as admission and removal of tasks from created groups: [man ptrcl(2)](https://linux.die.net/man/2/prctl) ```c #include <sys/prctl.h> // Process Control int prctl(int option, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5); ```