From owner-freebsd-security@FreeBSD.ORG  Sat May 14 07:15:00 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8340116A4CE
	for <freebsd-security@freebsd.org>;
	Sat, 14 May 2005 07:15:00 +0000 (GMT)
Received: from pd3mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net
	[24.71.223.10])	by mx1.FreeBSD.org (Postfix) with ESMTP id 4009743D7E
	for <freebsd-security@freebsd.org>;
	Sat, 14 May 2005 07:15:00 +0000 (GMT)
	(envelope-from cperciva@freebsd.org)
Received: from pd3mr6so.prod.shaw.ca (pd3mr6so-qfe3.prod.shaw.ca
	[10.0.141.21])2004))freebsd-security@freebsd.org;
	Sat, 14 May 2005 01:14:52 -0600 (MDT)
Received: from pn2ml6so.prod.shaw.ca ([10.0.121.150])
 by pd3mr6so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar
 15 2004)) with ESMTP id <0IGG00I1YXGS0RG0@pd3mr6so.prod.shaw.ca> for
 freebsd-security@freebsd.org; Sat, 14 May 2005 01:14:52 -0600 (MDT)
Received: from [127.0.0.1] (S0106006067227a4a.vc.shawcable.net [24.87.209.6])
	2003))freebsd-security@freebsd.org; Sat,
	14 May 2005 01:14:52 -0600 (MDT)
Date: Sat, 14 May 2005 03:14:50 -0400
From: Colin Percival <cperciva@freebsd.org>
In-reply-to: <3aaaa3a050514000629cc8427@mail.gmail.com>
To: Chris <chrcoluk@gmail.com>
Message-id: <4285A56A.1030106@freebsd.org>
MIME-version: 1.0
Content-type: text/plain; charset=ISO-8859-1
Content-transfer-encoding: 7bit
X-Accept-Language: en-us, en
X-Enigmail-Version: 0.91.0.0
References: <245f0df105051318564b1ffb6b@mail.gmail.com>
 <94145.1116037219@critter.freebsd.dk>
 <245f0df105051322354e8e86eb@mail.gmail.com>
 <3aaaa3a050514000629cc8427@mail.gmail.com>
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050406)
cc: freebsd-security@freebsd.org
cc: Poul-Henning Kamp <phk@phk.freebsd.dk>
cc: "Drew B. \[Security Expertise/Freelance Security research\]."
	<d4rkstorm@gmail.com>
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:09.htt [REVISED]
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 14 May 2005 07:15:00 -0000

Chris wrote:
> I am somewhat confused by applying the patch, does this disable HTT
> functionality? or does a patched server close the issue and keep HTT
> enabled?

The patch adds a new loader tunable, machdep.hyperthreading_allowed,
which is set to 0 by default.  Regardless of how you try to set the
machdep.hlt_cpus_mask and machdep.hlt_logical_cpus sysctls, if
machdep.hyperthreading_allowed is set to zero then you will not
have any process threads executing on the second hyper-thread from
each core.

If you're on a system where this isn't a problem (e.g., anything with
no local users), you can set machdep.hyperthreading_allowed=1 in
/boot/loader.conf or via the sysctl after booting, and get the benefit
of hyperthreading.

Colin Percival