[grsec] Hyperthreading and Xeon x86_64's

coderman coderman at gmail.com
Mon Dec 12 15:37:11 EST 2005


On 12/12/05, Gian G. Spicuzza <gianspi at gsent.org> wrote:
> 1:  And with this knowledge why do you still wish to enable HT?

what i meant was that if cache timing side channels are in your threat
model you need to not only disable HT but also perform all
AES/$vuln_cipher operations in hardware*.  while i agree with this
approach (i'm fond of the VIA padlock engine) it's certainly far from
common practice.

[* it is possible to make AES resistant to this attack in software,
but this greatly reduces the efficiency / throughput, probably too much for
practical use]
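
An added example, not part of the original post: one software countermeasure of the kind the footnote alludes to, shown for a single AES S-box lookup. The function names are hypothetical, and the full-table scan is just one illustrative approach; it trades 1 table read for 256 per byte, which is where the throughput goes.

```c
#include <stdint.h>
#include <stdio.h>

static uint8_t sbox[256];

static uint8_t rotl8(uint8_t x, int s) {
    return (uint8_t)((x << s) | (x >> (8 - s)));
}

/* Build the AES S-box: multiplicative inverse in GF(2^8), then affine map. */
void build_sbox(void) {
    uint8_t p = 1, q = 1;              /* invariant: p * q == 1 in GF(2^8) */
    do {
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1B : 0)); /* p *= 3 */
        q ^= (uint8_t)(q << 1);                                  /* q /= 3 */
        q ^= (uint8_t)(q << 2);
        q ^= (uint8_t)(q << 4);
        if (q & 0x80) q ^= 0x09;
        sbox[p] = (uint8_t)(q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3)
                            ^ rotl8(q, 4) ^ 0x63);
    } while (p != 1);
    sbox[0] = 0x63;                    /* 0 has no inverse */
}

/* Table-driven lookup: the load address depends on the secret byte, so the
 * cache line touched is observable by a sibling HT thread sharing the L1. */
uint8_t sbox_lookup_indexed(uint8_t secret) { return sbox[secret]; }

/* Scan lookup: reads every entry in the same order regardless of the secret
 * and selects the wanted one with a mask (no secret-dependent branch or
 * address). Verify the compiled output; optimizers can undo this. */
uint8_t sbox_lookup_scan(uint8_t secret) {
    uint8_t out = 0;
    for (uint32_t i = 0; i < 256; i++) {
        uint32_t diff = i ^ secret;                    /* 0 only when i == secret */
        uint8_t mask = (uint8_t)((diff - 1) >> 8);     /* 0xFF if match, else 0 */
        out |= sbox[i] & mask;
    }
    return out;
}

/* Returns 1 when both lookups give the same result for all 256 inputs. */
int lookups_agree(void) {
    for (int v = 0; v < 256; v++)
        if (sbox_lookup_indexed((uint8_t)v) != sbox_lookup_scan((uint8_t)v)) return 0;
    return 1;
}

int main(void) {
    build_sbox();
    printf("S(0x53)=0x%02x agree=%d\n", sbox_lookup_scan(0x53), lookups_agree());
    return 0;
}
```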

