Message-ID: <47349F8D.5040509@FreeBSD.org>
Date: Fri, 09 Nov 2007 18:57:33 +0100
From: Kris Kennaway
To: Colin Percival
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/amd64/amd64 mp_machdep.c src/sys/i386/i386 mp_machdep.c

Colin Percival wrote:
> Kris Kennaway wrote:
>> Colin Percival wrote:
>>> Change the default for hyperthreading (or, generally speaking, cases
>>> where the L1 cache is shared between CPUs) to disabled for security
>>> reasons. As in earlier releases, this can be changed by setting
>>> machdep.hyperthreading_allowed=1 in /boot/loader.conf.
>>> This is not an MFC -- no seatbelts in CURRENT.
>> What are you waiting for to happen in HEAD,
>
> To quote core@, whom I agree with on this point:
> We think this decision should be revisited once at least one of the
> following occur: new crypto code is made available by crypto vendors to
> address cache-related attacks, or sufficient work is performed on
> scheduling and protection mechanisms to prevent the attack from being
> exploited.
>
>> and what work are you doing
>> to expedite that?
>
> When I have time, I'm working on a cryptographic library which is designed
> from the ground up to be immune to timing and cache-based side channel attacks.
> Unfortunately my time has been rather limited lately due to the pressing need
> to eat, but if you know any companies which would be interested in sponsoring
> this work I'd be very happy to hear from them.

Sounds possibly infeasible and at the very least a long way off. Is it
appropriate to continue to leave hyperthreading disabled for the
indefinite future pending the completion of a library you hope to one
day write? I suspect that the fact that there has been little interest
in sponsoring your development of this project should suggest to you
that this hyperthreading issue is not widely considered to be a real
security problem.

Kris