On Mon, Jun 25, 2018 at 05:22:11PM +0300, Georgi Guninski wrote:
On Wed, Jun 20, 2018 at 07:44:21PM -0400, grarpamp wrote:
https://www.mail-archive.com/source-changes@openbsd.org/msg99141.html
According to journos intel won't fix this: https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/ Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about How to extract 256-bit signing keys with 99.8% success
Intel has, for now, no plans to specifically address a side-channel vulnerability in its processors that can be potentially exploited by malware to extract encryption keys and other sensitive info from applications.
Surely a simple and far less impactful "solution" to this problem is for applications to disable hyperthreading when they enter the critical sections of code - generating (and using?) crypto keys and random numbers for example? OpenBSD is understandable of course - "security or die" - but perhaps they will relax their HT disabling over time as they sure app the HT barrier code required to implement the aboveā¦