From 8b4553119eef7a045702540ec8c459f966cf1cd7 Mon Sep 17 00:00:00 2001 From: Colin Percival Date: Mon, 24 Apr 2006 21:17:01 +0000 Subject: [PATCH] Adjust dangerous-shared-cache-detection logic from "all shared data caches are dangerous" to "a shared L1 data cache is dangerous". This is a compromise between paranoia and performance: Unlike the L1 cache, nobody has publicly demonstrated a cryptographic side channel which exploits the L2 cache -- this is harder due to the larger size, lower bandwidth, and greater associativity -- and prohibiting shared L2 caches turns Intel Core Duo processors into Intel Core Solo processors. As before, the 'machdep.hyperthreading_allowed' sysctl will allow even the L1 data cache to be shared. Discussed with: jhb, scottl Security: See FreeBSD-SA-05:09.htt for background material. --- sys/amd64/amd64/mp_machdep.c | 4 ++-- sys/i386/i386/mp_machdep.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/sys/amd64/amd64/mp_machdep.c b/sys/amd64/amd64/mp_machdep.c index 7577b621a7aa..7ba7643209da 100644 --- a/sys/amd64/amd64/mp_machdep.c +++ b/sys/amd64/amd64/mp_machdep.c @@ -385,8 +385,8 @@ cpu_mp_start(void) * are available, use them. */ if (cpu_high >= 4) { - /* Ask the processor about up to 32 caches. */ - for (i = 0; i < 32; i++) { + /* Ask the processor about the L1 cache. */ + for (i = 0; i < 1; i++) { cpuid_count(4, i, p); threads_per_cache = ((p[0] & 0x3ffc000) >> 14) + 1; if (hyperthreading_cpus < threads_per_cache) diff --git a/sys/i386/i386/mp_machdep.c b/sys/i386/i386/mp_machdep.c index 1b36f1c1cb8d..bc5c65999f17 100644 --- a/sys/i386/i386/mp_machdep.c +++ b/sys/i386/i386/mp_machdep.c @@ -434,8 +434,8 @@ cpu_mp_start(void) * are available, use them. */ if (cpu_high >= 4) { - /* Ask the processor about up to 32 caches. */ - for (i = 0; i < 32; i++) { + /* Ask the processor about the L1 cache. */ + for (i = 0; i < 1; i++) { cpuid_count(4, i, p); threads_per_cache = ((p[0] & 0x3ffc000) >> 14) + 1; if (hyperthreading_cpus < threads_per_cache)