Re: Restricting rdtsc [was: kernel aslr]

To: tech-kern%netbsd.org@localhost
Subject: Re: Restricting rdtsc [was: kernel aslr]
From: David Young <dyoung%pobox.com@localhost>
Date: Tue, 28 Mar 2017 11:30:52 -0500

On Tue, Mar 28, 2017 at 04:58:58PM +0200, Maxime Villard wrote:
> Having read several papers on the exploitation of cache latency to defeat
> aslr (kernel or not), it appears that disabling the rdtsc instruction is a
> good mitigation on x86. However, some applications can legitimately use it,
> so I would rather suggest restricting it to root instead.

I may not understand some of your premises.

Why do you single out the rdtsc instruction instead of other time
sources?

What do you mean by "legitimately" use rdtsc?  It seems to me that it
is legitimate for a user to use a high-resolution timer to profile some
code that's under development.  They may want to avoid running that code
with root privileges under most circumstances.

Dave

-- 
David Young
dyoung%pobox.com@localhost    Urbana, IL    (217) 721-9981

Follow-Ups:
- Re: Restricting rdtsc [was: kernel aslr]
  - From: Joerg Sonnenberger
- Re: Restricting rdtsc [was: kernel aslr]
  - From: Manuel Bouyer

References:
- Restricting rdtsc [was: kernel aslr]
  - From: Maxime Villard

Prev by Date: Re: Restricting rdtsc [was: kernel aslr]
Next by Date: Re: Restricting rdtsc [was: kernel aslr]
Previous by Thread: Re: Restricting rdtsc [was: kernel aslr]
Next by Thread: Re: Restricting rdtsc [was: kernel aslr]
Indexes:

Home | Main Index | Thread Index | Old Index