Re: Restricting rdtsc [was: kernel aslr]

To: tech-kern%netbsd.org@localhost
Subject: Re: Restricting rdtsc [was: kernel aslr]
From: David Young <dyoung%pobox.com@localhost>
Date: Tue, 28 Mar 2017 14:32:53 -0500

On Tue, Mar 28, 2017 at 06:47:11PM +0200, Manuel Bouyer wrote:
> On Tue, Mar 28, 2017 at 11:30:52AM -0500, David Young wrote:
> > [...]
> > What do you mean by "legitimately" use rdtsc?  It seems to me that it
> > is legitimate for a user to use a high-resolution timer to profile some
> > code that's under development.  They may want to avoid running that code
> > with root privileges under most circumstances.
> > 
> 
> Sure.
> At the very last a sysctl to remove the restriction is needed.

Just to expand on that, an interface to set the restriction on a
per-process (per-thread?) level would be handy.

Capabilities beckon! :-)

Dave

-- 
David Young
dyoung%pobox.com@localhost    Urbana, IL    (217) 721-9981

References:
- Restricting rdtsc [was: kernel aslr]
  - From: Maxime Villard
- Re: Restricting rdtsc [was: kernel aslr]
  - From: David Young
- Re: Restricting rdtsc [was: kernel aslr]
  - From: Manuel Bouyer

Prev by Date: Re: Prospective project for Summer of Code.
Next by Date: Re: Restricting rdtsc [was: kernel aslr]
Previous by Thread: Re: Restricting rdtsc [was: kernel aslr]
Next by Thread: Re: Restricting rdtsc [was: kernel aslr]
Indexes:

Home | Main Index | Thread Index | Old Index