|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] HT Vulnerability CAN-2005-0109
Am Donnerstag, den 19.05.2005, 03:46 +0100 schrieb Mark Williamson: > > The paper includes code for the side channel attack (Figure 1 > > in <http://www.daemonology.net/papers/htt.pdf>), and even if it didn't, it > > would be easy to replicate. > > I admit I hadn't noticed the code included could be used in the side channel > attack - it's a fair cop guv! It's worrying - we should watch what the other > OS communities do on this. At the moment, they release quick workarounds like hardening crypto libs against timing attacks <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=157631> or disabling HT <ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD- SA-05:09.htt.asc> "V. Solution Disable Hyper-Threading Technology on processors that support it. NOTE: It is expected that future work in cryptographic libraries and operating system schedulers may remedy this problem for many or most users, without necessitating the disabling of Hyper-Threading Technology. Future advisories will address individual cases." In case i'd be so paranoiac (as the freebsd sec team) to consider the HT prob a real world threat: Would the xen boottime option "noht" be a workaround (diabling HT, but not SMP) until this gets fixed properly? /nils. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |