|
|
|
|
|
|
|
|
|
|
xen-devel
RE: [Xen-devel] HT Vulnerability CAN-2005-0109
> At the moment, they release quick workarounds like hardening
> crypto libs against timing attacks
>
> <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=157631>
This is the correct soloution. I was rather shocked to find the crypto
libs weren't already hardened for such attacks. It's not as though this
is anything new, just a higher bandwidth version of something that has
been known about for years.
> or disabling HT
This is not necessary on Xen. Just allocate domains to CPUs such that
you don't put potentially non-cooperative domains on the same core. E.g.
if you're using dom0 just for running the control tool and device
drivers, just give it one hyperthread and don't allow any other domain
to use it. This is a pretty sensible way to use HT with Xen anyhow.
Ian
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
|
|