cvs commit: src/sys/amd64/amd64 mp_machdep.c src/sys/i386/i386
mp_machdep.c
Nate Lawson
nate at root.org
Thu Nov 8 13:29:34 PST 2007
Kris Kennaway wrote:
> Colin Percival wrote:
>> cperciva 2007-11-08 19:45:20 UTC
>>
>> FreeBSD src repository
>>
>> Modified files: (Branch: RELENG_7)
>> sys/amd64/amd64 mp_machdep.c sys/i386/i386
>> mp_machdep.c Log:
>> Change the default for hyperthreading (or, generally speaking, cases
>> where the L1 cache is shared between CPUs) to disabled for security
>> reasons. As in earlier releases, this can be changed by setting
>> machdep.hyperthreading_allowed=1 in /boot/loader.conf.
>> This is not an MFC -- no seatbelts in CURRENT.
>> Approved by: re (kensmith)
>> Security: See FreeBSD-SA-05:09.htt for background material.
>> Revision Changes Path
>> 1.287.2.1 +1 -1 src/sys/amd64/amd64/mp_machdep.c
>> 1.281.2.1 +1 -1 src/sys/i386/i386/mp_machdep.c
>>
>>
>
> What are you waiting for to happen in HEAD, and what work are you doing
> to expedite that?
I'm still waiting for what will be done to prevent the attack on
uniprocessor or multi-core machines (shared L2). Continuing to focus on
hyperthreading is like locking the screen door on your submarine.
--
Nate
More information about the cvs-src
mailing list