Re: AES leaks, cgd ciphers, and vector units in the kernel

To: Taylor R Campbell <riastradh%NetBSD.org@localhost>
Subject: Re: AES leaks, cgd ciphers, and vector units in the kernel
From: Martin Husemann <martin%duskware.de@localhost>
Date: Thu, 18 Jun 2020 07:19:43 +0200

On Wed, Jun 17, 2020 at 11:36:11PM +0000, Taylor R Campbell wrote:
> Thoughts?  Comments?  Objections?  Musical numbers by Groucho Marx on
> the nature of consensus?

I like all of it, especially the fpu kernel thread part you did leave
out for now, which I wanted since we started thinking about in-kernel
audio mixing ;-}

One minor nit: with the performance impact that high, and there being
setups where runtime side channel attacks are totally not an issue,
maybe we should leave the old code in place for now, #ifdef'd as
default-off options to provide time for a full reconstruction (or untill
the machine gets update to "the last decade" cpu)?

I have a setup like that, but in my case throughput is not local cpu
bound at all, so not a big deal for me - but I guess others could be
affected (here it is: trusted admin-only server w/o any side channel attack
surfaces, backup via rsync to CGD over ISCSI over VPN to off site device,
slow VPN being the limiting factor - and don't ask, parts of that construction
were not negotiable, like the final target device and the types of connections
it offers).

Martin

Follow-Ups:
- Re: AES leaks, cgd ciphers, and vector units in the kernel
  - From: Taylor R Campbell

References:
- AES leaks, cgd ciphers, and vector units in the kernel
  - From: Taylor R Campbell

Prev by Date: AES leaks, cgd ciphers, and vector units in the kernel
Next by Date: Re: AES leaks, cgd ciphers, and vector units in the kernel
Previous by Thread: AES leaks, cgd ciphers, and vector units in the kernel
Next by Thread: Re: AES leaks, cgd ciphers, and vector units in the kernel
Indexes:

Home | Main Index | Thread Index | Old Index