cvs commit: src/sys/amd64/amd64 mp_machdep.c src/sys/i386/i386
M. Warner Losh
imp at bsdimp.com
Thu Nov 8 21:24:34 PST 2007
In message: <47337724.9040108 at FreeBSD.org>
Kris Kennaway <kris at FreeBSD.org> writes:
: Colin Percival wrote:
: > cperciva 2007-11-08 19:45:20 UTC
: > FreeBSD src repository
: > Modified files: (Branch: RELENG_7)
: > sys/amd64/amd64 mp_machdep.c
: > sys/i386/i386 mp_machdep.c
: > Log:
: > Change the default for hyperthreading (or, generally speaking, cases
: > where the L1 cache is shared between CPUs) to disabled for security
: > reasons. As in earlier releases, this can be changed by setting
: > machdep.hyperthreading_allowed=1 in /boot/loader.conf.
: > This is not an MFC -- no seatbelts in CURRENT.
: > Approved by: re (kensmith)
: > Security: See FreeBSD-SA-05:09.htt for background material.
: > Revision Changes Path
: > 1.287.2.1 +1 -1 src/sys/amd64/amd64/mp_machdep.c
: > 1.281.2.1 +1 -1 src/sys/i386/i386/mp_machdep.c
: What are you waiting for to happen in HEAD, and what work are you doing
: to expedite that?
Further, this goes against the agreement we had between core@ and
security-officer@ at the time. This was not re-evaluated by core as
we requested at the time. I request it be backed out.
More information about the cvs-src