[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Restricting rdtsc [was: kernel aslr]
On Tue, Mar 28, 2017 at 04:58:58PM +0200, Maxime Villard wrote:
> Having read several papers on the exploitation of cache latency to defeat
> aslr (kernel or not), it appears that disabling the rdtsc instruction is a
> good mitigation on x86. However, some applications can legitimately use it,
> so I would rather suggest restricting it to root instead.
I may not understand some of your premises.
Why do you single out the rdtsc instruction instead of other time
What do you mean by "legitimately" use rdtsc? It seems to me that it
is legitimate for a user to use a high-resolution timer to profile some
code that's under development. They may want to avoid running that code
with root privileges under most circumstances.
dyoung%pobox.com@localhost Urbana, IL (217) 721-9981
Main Index |
Thread Index |