> I'm just basing this on the history of the patch, which preceeds me, so > if this is incorrect, please don't blame me for misinformation :) > > The original patch claims that hyper-threading opens the user up to some > sort of security risk involving hardware limitations in protecting > memory across the threads. I can't recall all the details. > > If this is wrong, I'm more than happy to just drop the whole damn patch.
that is not correct. I suspect what is meant is the "attack" on older openssl versions where you could in theory get SOME information about a key in use by snooping cache patterns in a shared cache situation. By no means is it a "direct" leak of any kind, and openssl has since then been fixed to not have as many key-dependent execution streams anymore. I would suggest you drop the patch; openssl has been long fixed, and it was only a theoretical attack in the first place... I'm not saying the attack isn't something that should be addressed.. but it is, and disabling hyperthreading is not the right fix. -- if you want to mail me at work (you don't), use arjan (at) linux.intel.com Test the interaction between Linux and your BIOS via http://www.linuxfirmwarekit.org - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
