This is the mail archive of the
mailing list for the glibc project.
Re: [PATCHv4 0/2] tunables for glibc
- From: Florian Weimer <fweimer at redhat dot com>
- To: "H.J. Lu" <hjl dot tools at gmail dot com>, Siddhesh Poyarekar <siddhesh at sourceware dot org>
- Cc: GNU C Library <libc-alpha at sourceware dot org>, "Carlos O'Donell" <carlos at redhat dot com>
- Date: Wed, 7 Sep 2016 16:50:58 +0200
- Subject: Re: [PATCHv4 0/2] tunables for glibc
- Authentication-results: sourceware.org; auth=none
- References: <email@example.com> <CAMe9rOqdSjVL0PLyLMQ=Hki4=ms1iygWi+j9YNtHpmvO9TVXMg@mail.gmail.com> <firstname.lastname@example.org> <CAMe9rOqTMp=4hdpEja3+mwAh3Rz_hpoBq_vk-ESGqtjURtZQng@mail.gmail.com>
On 09/07/2016 04:44 PM, H.J. Lu wrote:
The whole point of cpu features is it is initialized as early as possible
so that it can be used for ifunc. I don't think __init_tunables is suitable
for ifunc, which doesn't have any security implications on x86.
Disabling CPU features for crypto acceleration may introduce timing
attacks and information leakage (especially if the fallback
implementation uses lookup tables).
(It's not relevant for glibc at present, I think.)