Stefan Sperling wrote:
> I also have some machines which are affected by this, and I am
> not sure what to about it. I cannot judge the advantages of
> either AES implementation.
There's very little advantage to a constant time implementation for disk
encryption. The threat model doesn't really
> There's very little advantage to a constant time implementation for disk
> encryption.
100% agree
But this has been shoved into the tree, only considering IPSEC performance,
and zero assessment of the impact it has upon other consumers.
It was done wrong. It was commited before we were
On Sun, May 07, 2017 at 08:06:56PM -0400, m.r...@excitingdomainname.com wrote:
> On 2017-05-07 19:30, Mike Belopuhov wrote:
> > You observe a decrease in performance because we've switched to
> > a constant time machine independent AES implementation which is
> > inherently slower than the T-table
On Wed, May 17, 2017 at 18:23 +0200, Stefan Sperling wrote:
> On Sun, May 07, 2017 at 08:06:56PM -0400, m.r...@excitingdomainname.com wrote:
> > On 2017-05-07 19:30, Mike Belopuhov wrote:
> > > You observe a decrease in performance because we've switched to
> > > a constant time machine
> This is simply not true if you have local users on the same box.
> http://www.cs.tau.ac.il/~tromer/papers/cache.pdf
don't need to worry about that attack anymore, because you made it
so slow noone can use the functionality anymore.
prevously this software functionality was generally used in
On Wed, May 17, 2017 at 12:42 -0400, Ted Unangst wrote:
> Stefan Sperling wrote:
> > I also have some machines which are affected by this, and I am
> > not sure what to about it. I cannot judge the advantages of
> > either AES implementation.
>
> There's very little advantage to a constant time
On Wed, May 17, 2017 at 07:17:56PM +0200, Mike Belopuhov wrote:
> There are ways to improve perfomance but more work is required
> to get there. In the meantime if the consensus is that XTS
> performance is unacceptable we can roll it back to T-tables.
>
> Please test the diff below.
Works for
On Wed, May 17, 2017 at 09:04:29PM +0200, Solene Rapenne wrote:
> >Synopsis:Laptop keyboard isn't working and wireless card isn't found
> >Fix:
> No idea
> vendor "Atheros", unknown product 0x0042 (class network subclass
> miscellaneous, rev 0x31) at pci1 dev 0 function 0 not
On 2017/05/17 21:04, Solene Rapenne wrote:
> Once bsd.rd boot, the keyboard isn't usable. I can't type on it,
> nothing happens. I can use an usb keyboard. No network interface
> is found within the installer nor ifconfig outputs finds a network
> interface, so the wifi isn't even found. The
On Tue, May 16, 2017 at 08:25:06PM -0700, Bryan Vyhmeister wrote:
> >Synopsis:HP EliteBook Folio G1 efifb(4) at 1024x768 instead of 1920x1080
> >Category:amd64
> >Environment:
> System : OpenBSD 6.1
> Details : OpenBSD 6.1-current (GENERIC.MP) #53: Wed May 10 19:00:28
On 2017-05-12 10:34, Mark Kettenis wrote:
>> The bsd.rd and bsd.sp kernel works, but the mp kernel gives me crashes
>> on every boot. dmesg from May-9 bsd.sp at the bottom.
>
> Probably fixed by my changes to sys/mbuf.h.
Yes, for the record, newer MP kernel didn't show this behaviour and has
11 matches
Mail list logo