lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 May 2019 17:29:48 +0000 From: zvuln <zvuln@...tonmail.com> To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Question about mitigating Zombieload It seems the x86 architecture is once again afflicted with a flaw that arises out of unsafely implemented accelerations, namely the just-releaved Zombieload vulnerability. We know that Zombieload is possible when Hyperthreading is enabled. Here is a question: Is it possible to disable Hyperthreading not for all cores in the BIOS but rather on a per-core basis programmatically from the OS or from the bootloader? I ask because if this were possible, then it would be reasonable to segregate the sensitive code i.e. the kernel and the major daemons into one core that has Hyperthreading enabled, and then run all other (risky) user processes on the other cores, which have Hyperthreading disabled. Cheers.
Powered by blists - more mailing lists