On Fri, 2006-12-01 at 17:10 +0100, Arjan van de Ven wrote: > > I'm just basing this on the history of the patch, which preceeds me, so > > if this is incorrect, please don't blame me for misinformation :) > > > > The original patch claims that hyper-threading opens the user up to some > > sort of security risk involving hardware limitations in protecting > > memory across the threads. I can't recall all the details. > > > > If this is wrong, I'm more than happy to just drop the whole damn patch. > > that is not correct. > I suspect what is meant is the "attack" on older openssl versions where > you could in theory get SOME information about a key in use by snooping > cache patterns in a shared cache situation. By no means is it a "direct" > leak of any kind, and openssl has since then been fixed to not have as > many key-dependent execution streams anymore. > > I would suggest you drop the patch; openssl has been long fixed, and it > was only a theoretical attack in the first place... > I'm not saying the attack isn't something that should be addressed.. but > it is, and disabling hyperthreading is not the right fix.
Thanks for clearing that up. Patch withdrawn. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
