The OpenBSD team is taking a proactive step toward securing their operating system from potential, future CPU flaws. Mark Kettenis has published a patch which will disable hyper-threading, a move which the developer hopes will protect OpenBSD users against future Spectre-like CPU attacks. "SMT (Simultanious Multi Threading) implementations typically share TLBs and L1 caches between threads. This can make cache timing attacks a lot easier and we strongly suspect that this will make several spectre-class bugs exploitable. Especially on Intel's SMT implementation which is better known as hyper-threading. We really should not run different security domains on different processor threads of the same core. Unfortunately changing our scheduler to take this into account is far from trivial. Since many modern machines no longer provide the ability to disable Hyper-threading in the BIOS setup, provide a way to disable the use of additional processor threads in our scheduler. And since we suspect there are serious risks, we disable them by default. This can be controlled through a new hw.smt sysctl."
Star Labs - Laptops built for Linux.
View our range including the Star Lite, Star LabTop and more. Available with a choice of Ubuntu or Linux Mint pre-installed with many more distributions supported. Visit Star Labs for information, to buy and get support.