“A patch to make disabling Hyper-Threading a boot time option
resurfaced on the lkml. The patch was originally created in
response to a Hyper-Threading vulnerability which was first
discussed on the lkml in May of 2005. Ben Collins explained, ‘the
original patch claims that hyper-threading opens the user up to
some sort of security risk involving hardware limitations in
protecting memory across the threads.’ Arjan van de Ven disagreed,
‘that is not correct. I suspect what is meant is the ‘attack’ on
older openssl versions where you could in theory get SOME
information about a key in use by snooping cache patterns in a
shared cache situation. By no means is it a ‘direct’ leak of any
kind, and openssl has since then been fixed to not have as many
key-dependent execution streams anymore…'”
KernelTrap: Revisiting the Hyper-Threading Vulnerability
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis