Scheduler fixes for hyperthreading

From: Colin Percival (cperciva_at_freebsd.org)
Date: 05/22/05

  • Next message: Marcel Moolenaar: "Re: Scheduler fixes for hyperthreading" 
    Date: Sat, 21 May 2005 16:11:07 -0700
To: freebsd-arch@freebsd.org

      As you are probably all aware by now, HyperThreading has been
    disabled on the stable and security branches due to a problem
    with information leakage between threads which are scheduled
    simultaneously on the two processor cores. Clearly, some people
    (and at least one large company) are unhappy about us having
    hyperthreading disbaled, so the security team would like to see
    hyperthreading re-enabled by default as soon as we believe that
    this can be done safely.

      The following must be done before hyperthreading is re-enabled:

    1. The scheduler must be taught to not run threads on the same
    processor core unless they p_candebug() each other. For reasons
    of performance and locking, this is probably best accomplished by
    only allowing threads to share a processor core if they belong
    to the same process.
    2. When a thread is in the kernel, there must be a mechanism for
    it to IPI its siblings and put them to sleep, and then wake them
    up later. This would be used any time when a thread in the kernel
    is about to handle sensitive data in a non-oblivious manner; IPsec
    is a good example of where this would be necessary.

      Does anyone want to step forward to work on this?

    Colin Percival
    _______________________________________________
    freebsd-arch@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-arch
    To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"

  • Next message: Marcel Moolenaar: "Re: Scheduler fixes for hyperthreading"

    Relevant Pages