[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1164989642.5257.938.camel@gullible>
Date: Fri, 01 Dec 2006 11:14:02 -0500
From: Ben Collins <ben.collins@...ntu.com>
To: Arjan van de Ven <arjan@...radead.org>
Cc: Pavel Machek <pavel@....cz>, linux-kernel@...r.kernel.org,
torvalds@...l.org
Subject: Re: [PATCH 1/4] [x86] Add command line option to enable/disable
hyper-threading.
On Fri, 2006-12-01 at 17:10 +0100, Arjan van de Ven wrote:
> > I'm just basing this on the history of the patch, which preceeds me, so
> > if this is incorrect, please don't blame me for misinformation :)
> >
> > The original patch claims that hyper-threading opens the user up to some
> > sort of security risk involving hardware limitations in protecting
> > memory across the threads. I can't recall all the details.
> >
> > If this is wrong, I'm more than happy to just drop the whole damn patch.
>
> that is not correct.
> I suspect what is meant is the "attack" on older openssl versions where
> you could in theory get SOME information about a key in use by snooping
> cache patterns in a shared cache situation. By no means is it a "direct"
> leak of any kind, and openssl has since then been fixed to not have as
> many key-dependent execution streams anymore.
>
> I would suggest you drop the patch; openssl has been long fixed, and it
> was only a theoretical attack in the first place...
> I'm not saying the attack isn't something that should be addressed.. but
> it is, and disabling hyperthreading is not the right fix.
Thanks for clearing that up. Patch withdrawn.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists