Subject: FreeBSD's latest SA on amd fpu usage..
To: None <port-amd64@netbsd.org>
From: Martijn van Buul <martijnb@atlas.ipv6.stack.nl>
List: port-amd64
Date: 04/19/2006 08:43:21
Hi.
The latest FreeBSD security advisory is a nasty one, see
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06%3A14.fpu.asc
It basicly boils down to "In contrast to popular belief, fx(save|rstor)
doesn't save/restore all registers". Apperently, FOP, FIP and FDP aren't
saved. While I'm starting to get a little bit weary about "This may allow an
attacker to steal cryptographic keys", I do see the possibility of opening
a covert channel this way.
Are we at risk? (And is the i386 port at risk..)