Source-Changes-D archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src/sys/arch/x86/x86
Maxime Villard wrote:
> In the first mail, you said that it was better to have a all-or-nothing
> sysctl, which is *exactly* what I just committed.
Yes, sysctl is better than giving rdtsc to root only. But "better"
alone isn't strong enough to count me as a supporter.
> In the second one, as a reply to me, you were indeed talking about
> more granular control -- but with vdso, which we don't have, so
> it's basically not doable.
IMO, it's more important to have vdso than to control rdtsc.
> (PS: there is no point in having it done in a note section either, since
> unpriv user can still create a binary with rdtsc enabled and side channel
> the kernel.)
Mount all user-writable partitions with noexec.
--
Alex
Home |
Main Index |
Thread Index |
Old Index