tech-kern archive


Re: Restricting rdtsc [was: kernel aslr]



> On Mar 28, 2017, at 2:37 PM, Taylor R Campbell <campbell+netbsd-tech-kern%mumble.net@localhost> wrote:
> 
>> Date: Tue, 28 Mar 2017 16:58:58 +0200
>> From: Maxime Villard <max%m00nbsd.net@localhost>
>> 
>> Having read several papers on the exploitation of cache latency to defeat
>> aslr (kernel or not), it appears that disabling the rdtsc instruction is a
>> good mitigation on x86. However, some applications can legitimately use it,
>> so I would rather suggest restricting it to root instead.
> 
> Put barriers in the way of legitimate applications to thwart
> hypothetical attackers who will... step around them and use another
> time source, of which there are many options in the system?  This
> sounds more like cutting off the nose to spite the face than a good
> mitigation against real attacks.

More generally, it seems to me that the answer to timing attacks is not to attempt to make timing information unavailable (which is not doable, as has been explained already) -- but rather to fix the algorithm to remove the vulnerability.

	paul
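The closing point of the reply above, that the durable answer to a timing attack is to change the algorithm rather than to hide the clock, can be shown at small scale. The C program below is an added example and is not code from this thread or from NetBSD. It places an early-exit byte comparison, whose amount of work (and therefore its timing) depends on where the inputs first differ, beside a constant-time comparison that performs the same work for every input. The 16-byte reference tag, the step counters and the helper names are all constructed for illustration; a real implementation would not expose the counters.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_LEN 16

/* Constructed reference value (think of a MAC tag or session token). */
static uint8_t REFERENCE_TAG[TAG_LEN];

static void init_reference(void)
{
    for (size_t i = 0; i < TAG_LEN; i++)
        REFERENCE_TAG[i] = (uint8_t)(i * 7 + 1);
}

/* Early-exit comparison. Returns 1 on match, 0 otherwise. The loop stops at
 * the first differing byte, so the work done (recorded in *steps) depends on
 * the secret: this is the kind of data-dependent timing that no amount of
 * restricting a particular clock source can remove. */
int leaky_compare(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i])
            return 0;
    }
    return 1;
}

/* Constant-time comparison. Every byte is examined and differences are folded
 * into an accumulator with no data-dependent branch, so the work done is the
 * same whether the inputs differ at byte 0, byte 15, or not at all. The
 * volatile qualifier discourages the compiler from reintroducing a branch. */
int ct_compare(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    volatile uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return diff == 0;
}

/* Build a candidate equal to REFERENCE_TAG except at index `mismatch`;
 * mismatch >= TAG_LEN yields an exact match. Constructed helper. */
static void make_candidate(uint8_t out[TAG_LEN], size_t mismatch)
{
    init_reference();
    memcpy(out, REFERENCE_TAG, TAG_LEN);
    if (mismatch < TAG_LEN)
        out[mismatch] ^= 0xFF;
}

/* Small wrappers so the behaviour can be checked on fixed inputs. */
size_t leaky_steps(size_t mismatch)
{
    uint8_t c[TAG_LEN]; size_t steps;
    make_candidate(c, mismatch);
    leaky_compare(REFERENCE_TAG, c, TAG_LEN, &steps);
    return steps;
}

size_t ct_steps(size_t mismatch)
{
    uint8_t c[TAG_LEN]; size_t steps;
    make_candidate(c, mismatch);
    ct_compare(REFERENCE_TAG, c, TAG_LEN, &steps);
    return steps;
}

int leaky_result(size_t mismatch)
{
    uint8_t c[TAG_LEN]; size_t steps;
    make_candidate(c, mismatch);
    return leaky_compare(REFERENCE_TAG, c, TAG_LEN, &steps);
}

int ct_result(size_t mismatch)
{
    uint8_t c[TAG_LEN]; size_t steps;
    make_candidate(c, mismatch);
    return ct_compare(REFERENCE_TAG, c, TAG_LEN, &steps);
}

int main(void)
{
    const size_t positions[] = { 0, 1, 7, 15, TAG_LEN };
    printf("mismatch  leaky_steps  ct_steps  leaky  ct\n");
    for (size_t k = 0; k < sizeof positions / sizeof positions[0]; k++) {
        size_t p = positions[k];
        printf("%8zu  %11zu  %8zu  %5d  %2d\n", p, leaky_steps(p), ct_steps(p),
               leaky_result(p), ct_result(p));
    }
    return 0;
}
```

The table printed by main shows the early-exit version doing between 1 and 16 steps depending on where the candidate first diverges from the reference, while the constant-time version always does 16. Both return the same match/no-match answer, so the fix costs nothing in correctness; what it removes is the secret-dependent work that a timing measurement, from whatever clock, could observe.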


