cvs commit: src/sys/amd64/amd64 mp_machdep.c src/sys/i386/i386
mp_machdep.c
Xin LI
delphij at delphij.net
Fri Nov 9 11:34:31 PST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Nate Lawson wrote:
[...]
> Careful coding can address most side channel attacks, but I still think
> OS's need a standard API for a stealth mode where a privileged process
> can request exclusive access to the CPU it is running on for a short
> quantum, with a guarantee that they will not be preempted unless they
> exceed that quantum. Additional support for cleaning the
> microarchitectural side effects (cache, BTB, etc.) would be a bonus. I
> don't know of any standards efforts in this area but it might be
> interesting to note. Fast implementations of AES are a good example
> where such support is needed since it is impossible to eliminate cache
> timing differences of the table lookups without such a mode.
>
> [1] OpenSSL 0.9.7h, change 10/2005 by Matthew D. Wood of Intel,
> http://www.openssl.org/news/changelog.html
> [2] OpenSSL 0.9.8f, change 10/2007 by Matthew D. Wood of Intel,
> http://www.openssl.org/news/changelog.html
Sorry for hijacking this thread, are we going to import a new OpenSSL
release? Sounds like we have to do a full package build if we want to
do that...
Cheers,
- --
Xin LI <delphij at delphij.net> http://www.delphij.net/
FreeBSD - The Power to Serve!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)
iD8DBQFHNLYphcUczkLqiksRAq66AJ9ZCjTdnTdDZFtLxrPfxPizzmL7WgCdEvjW
DLdgSd2sknd8e1gbOTtdExQ=
=ycpp
-----END PGP SIGNATURE-----
More information about the cvs-all
mailing list