Re: Does it have to be completely disabled?
"I was wondering about that too. Given that threads already have access to all the data in a process, restricting SMT to threads with the same process ID presumably wouldn't allow any new channels for information leakage."
The threads only have access to their own data when everything is working correctly.
The flaw with Intel's hyper-threading is that instructions continue to be processed with no further checks in the event of speculative execution causing an exception (including a memory access fault) for a number of processor cycles. This window allows access to any data cached by the CPU as long as instructions are sequenced correctly.