From owner-cvs-src@FreeBSD.ORG Thu Nov 8 21:29:34 2007 Return-Path: Delivered-To: cvs-src@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 499A516A59B for ; Thu, 8 Nov 2007 21:29:34 +0000 (UTC) (envelope-from nate@root.org) Received: from root.org (root.org [67.118.192.226]) by mx1.freebsd.org (Postfix) with ESMTP id 980EC13C4BE for ; Thu, 8 Nov 2007 21:29:33 +0000 (UTC) (envelope-from nate@root.org) Received: (qmail 2426 invoked from network); 8 Nov 2007 21:02:40 -0000 Received: from 209-128-117-003.bayarea.net (HELO ?10.0.8.5?) (nate-mail@209.128.117.3) by root.org with ESMTPA; 8 Nov 2007 21:02:40 -0000 Message-ID: <47337940.6040909@root.org> Date: Thu, 08 Nov 2007 13:01:52 -0800 From: Nate Lawson User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: Kris Kennaway References: <200711081945.lA8JjKcW080540@repoman.freebsd.org> <47337724.9040108@FreeBSD.org> In-Reply-To: <47337724.9040108@FreeBSD.org> X-Enigmail-Version: 0.95.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org, Colin Percival Subject: Re: cvs commit: src/sys/amd64/amd64 mp_machdep.c src/sys/i386/i386 mp_machdep.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Nov 2007 21:29:34 -0000 Kris Kennaway wrote: > Colin Percival wrote: >> cperciva 2007-11-08 19:45:20 UTC >> >> FreeBSD src repository >> >> Modified files: (Branch: RELENG_7) >> sys/amd64/amd64 mp_machdep.c sys/i386/i386 >> mp_machdep.c Log: >> Change the default for hyperthreading (or, generally speaking, cases >> where the L1 cache is shared between CPUs) to disabled for security >> reasons. As in earlier releases, this can be changed by setting >> machdep.hyperthreading_allowed=1 in /boot/loader.conf. >> This is not an MFC -- no seatbelts in CURRENT. >> Approved by: re (kensmith) >> Security: See FreeBSD-SA-05:09.htt for background material. >> Revision Changes Path >> 1.287.2.1 +1 -1 src/sys/amd64/amd64/mp_machdep.c >> 1.281.2.1 +1 -1 src/sys/i386/i386/mp_machdep.c >> >> > > What are you waiting for to happen in HEAD, and what work are you doing > to expedite that? I'm still waiting for what will be done to prevent the attack on uniprocessor or multi-core machines (shared L2). Continuing to focus on hyperthreading is like locking the screen door on your submarine. -- Nate