Re: Hyper-Threading Vulnerability

From: Daniel Jacobowitz
Date: Fri May 13 2005 - 09:24:53 EST

Next message: Dave Hansen: "Re: [RFC] Cachemap for 2.6.12rc4-mm1. Was Re: [PATCH] enhance x86MTRR handling"
Previous message: Jeff Garzik: "Re: Hyper-Threading Vulnerability"
In reply to: Jeff Garzik: "Re: Hyper-Threading Vulnerability"
Next in thread: Jeff Garzik: "Re: Hyper-Threading Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, May 13, 2005 at 10:10:36AM -0400, Jeff Garzik wrote:
> Barry K. Nathan wrote:
> >On Fri, May 13, 2005 at 07:51:20AM +0200, Gabor MICSKO wrote:
> >
> >>Is this flaw affects the current stable Linux kernels? Workaround?
> >>Patch?
>
> Simple. Just boot a uniprocessor kernel, and/or disable HT in BIOS.
>
>
> >Some pages with relevant information:
> >http://www.ussg.iu.edu/hypermail/linux/kernel/0403.2/0920.html
> >http://bugzilla.kernel.org/show_bug.cgi?id=2317
>
> These pages have zero information on the "flaw." In fact, I can see no
> information at all proving that there is even a problem here.
>
> Classic "I found a problem, but I'm keeping the info a secret" security
> crapola.

FYI:
http://www.daemonology.net/hyperthreading-considered-harmful/

I don't much agree with Colin about the severity of the problem, but
I've read his paper, which should be generally available later today.
It's definitely a legitimate issue.

--
Daniel Jacobowitz
CodeSourcery, LLC
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dave Hansen: "Re: [RFC] Cachemap for 2.6.12rc4-mm1. Was Re: [PATCH] enhance x86MTRR handling"
Previous message: Jeff Garzik: "Re: Hyper-Threading Vulnerability"
In reply to: Jeff Garzik: "Re: Hyper-Threading Vulnerability"
Next in thread: Jeff Garzik: "Re: Hyper-Threading Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]