cvs commit: src/sys/amd64/amd64 mp_machdep.csrc/sys/amd64/include
cpufunc.h src/sys/i386/i386 mp_machdep.c src/sys/i386/include cpufunc.h
nate at root.org
Sun May 15 13:58:14 PDT 2005
Colin Percival wrote:
> Nate Lawson wrote:
>>Every general-purpose machine has measurable timing side channels. The
>>question is merely one of bandwidth.
> Absolutely. Most covert channels operate at up to a few kbps; this covert
> channel operates at several Mbps.
> The fact that this channel is many times faster than all the other channels
> combined makes it not just quantitatively different but also qualitatively
> different and deserving of more careful treatment.
> Colin Percival
If it only requires 1024 bits to compromise a secret and you have two
machines, one with a 1 Kbps channel and one with a 1 Mbps channel, which
is secure? On the first machine, the attacker takes 1 second to
compromise the entire secret and on the other, 1 millisecond. Depending
on your application, both machines are likely insecure. But if the
application is designed to resist timing attacks by completely updating
the secret every 10 ms, it is secure only on the first machine. This is
an oversimplified example but illustrates my point.
I think it's fine that we've added a knob to disable hyperthreading.
However, since there may be no security gain for any given application,
it's unclear that it should be disabled by default. When setting up a
multi-user/multi-privilege system, many admins enable jail but we don't
ship with the base system set up that way by default.
More information about the cvs-src