From owner-cvs-all@FreeBSD.ORG Fri Nov 9 19:34:31 2007 Return-Path: Delivered-To: cvs-all@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B307616A421; Fri, 9 Nov 2007 19:34:31 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.geekcn.org (tarsier.geekcn.org [210.51.165.229]) by mx1.freebsd.org (Postfix) with ESMTP id A44AD13C4A6; Fri, 9 Nov 2007 19:34:29 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from localhost (tarsier.geekcn.org [210.51.165.229]) by tarsier.geekcn.org (Postfix) with ESMTP id 85EC0EB569E; Sat, 10 Nov 2007 03:34:11 +0800 (CST) X-Virus-Scanned: amavisd-new at geekcn.org Received: from tarsier.geekcn.org ([210.51.165.229]) by localhost (mail.geekcn.org [210.51.165.229]) (amavisd-new, port 10024) with ESMTP id 2tC6mqfYGEzO; Sat, 10 Nov 2007 03:34:06 +0800 (CST) Received: from charlie.delphij.net (71.5.7.139.ptr.us.xo.net [71.5.7.139]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by tarsier.geekcn.org (Postfix) with ESMTP id 0E768EB5693; Sat, 10 Nov 2007 03:34:04 +0800 (CST) DomainKey-Signature: a=rsa-sha1; s=default; d=delphij.net; c=nofws; q=dns; h=message-id:date:from:reply-to:organization:user-agent: mime-version:to:cc:subject:references:in-reply-to: x-enigmail-version:content-type:content-transfer-encoding; b=nc+bO12e5/5zEG14N/wL+0SEuGOybc/5AxlpateSGq6jz9gqFNVNH1ZnEV7YilCXD SZ+guuRg9+hPXD0mPhoiQ== Message-ID: <4734B629.4010001@delphij.net> Date: Fri, 09 Nov 2007 11:34:01 -0800 From: Xin LI Organization: The FreeBSD Project User-Agent: Thunderbird 2.0.0.6 (X11/20071031) MIME-Version: 1.0 To: Nate Lawson References: <200711081945.lA8JjKcW080540@repoman.freebsd.org> <47337724.9040108@FreeBSD.org> <47337940.6040909@root.org> <47340B74.9070004@freebsd.org> <4734B13C.6050008@root.org> In-Reply-To: <4734B13C.6050008@root.org> X-Enigmail-Version: 0.95.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: cvs-src@FreeBSD.ORG, Kris Kennaway , src-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, Colin Percival Subject: Re: cvs commit: src/sys/amd64/amd64 mp_machdep.c src/sys/i386/i386 mp_machdep.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Nov 2007 19:34:31 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nate Lawson wrote: [...] > Careful coding can address most side channel attacks, but I still think > OS's need a standard API for a stealth mode where a privileged process > can request exclusive access to the CPU it is running on for a short > quantum, with a guarantee that they will not be preempted unless they > exceed that quantum. Additional support for cleaning the > microarchitectural side effects (cache, BTB, etc.) would be a bonus. I > don't know of any standards efforts in this area but it might be > interesting to note. Fast implementations of AES are a good example > where such support is needed since it is impossible to eliminate cache > timing differences of the table lookups without such a mode. > > [1] OpenSSL 0.9.7h, change 10/2005 by Matthew D. Wood of Intel, > http://www.openssl.org/news/changelog.html > [2] OpenSSL 0.9.8f, change 10/2007 by Matthew D. Wood of Intel, > http://www.openssl.org/news/changelog.html Sorry for hijacking this thread, are we going to import a new OpenSSL release? Sounds like we have to do a full package build if we want to do that... Cheers, - -- Xin LI http://www.delphij.net/ FreeBSD - The Power to Serve! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFHNLYphcUczkLqiksRAq66AJ9ZCjTdnTdDZFtLxrPfxPizzmL7WgCdEvjW DLdgSd2sknd8e1gbOTtdExQ= =ycpp -----END PGP SIGNATURE-----