tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Restricting rdtsc [was: kernel aslr]

> Date: Tue, 28 Mar 2017 16:58:58 +0200
> From: Maxime Villard <>
> Having read several papers on the exploitation of cache latency to defeat
> aslr (kernel or not), it appears that disabling the rdtsc instruction is a
> good mitigation on x86. However, some applications can legitimately use it,
> so I would rather suggest restricting it to root instead.

Put barriers in the way of legitimate applications to thwart
hypothetical attackers who will... step around them and use another
time source, of which there are many options in the system?  This
sounds more like cutting off the nose to spite the face than a good
mitigation against real attacks.

Home | Main Index | Thread Index | Old Index