Date: Sun, 15 May 2005 13:58:10 -0700 From: Nate Lawson <nate@root.org> To: Colin Percival <cperciva@freebsd.org> Cc: cvs-all@freebsd.org Subject: Re: cvs commit: src/sys/amd64/amd64 mp_machdep.csrc/sys/amd64/include cpufunc.h src/sys/i386/i386 mp_machdep.c src/sys/i386/include cpufunc.h Message-ID: <4287B7E2.8030507@root.org> In-Reply-To: <4287B12C.9080903@freebsd.org> References: <97079.1116154766@critter.freebsd.dk> <4287AD84.6070600@root.org> <4287B12C.9080903@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Colin Percival wrote: > Nate Lawson wrote: >>Every general-purpose machine has measurable timing side channels. The >>question is merely one of bandwidth. > > Absolutely. Most covert channels operate at up to a few kbps; this covert > channel operates at several Mbps. > > The fact that this channel is many times faster than all the other channels > combined makes it not just quantitatively different but also qualitatively > different and deserving of more careful treatment. > > Colin Percival If it only requires 1024 bits to compromise a secret and you have two machines, one with a 1 Kbps channel and one with a 1 Mbps channel, which is secure? On the first machine, the attacker takes 1 second to compromise the entire secret and on the other, 1 millisecond. Depending on your application, both machines are likely insecure. But if the application is designed to resist timing attacks by completely updating the secret every 10 ms, it is secure only on the first machine. This is an oversimplified example but illustrates my point. I think it's fine that we've added a knob to disable hyperthreading. However, since there may be no security gain for any given application, it's unclear that it should be disabled by default. When setting up a multi-user/multi-privilege system, many admins enable jail but we don't ship with the base system set up that way by default. -- Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4287B7E2.8030507>