On Tue, Mar 28, 2017 at 04:58:58PM +0200, Maxime Villard wrote:
> Having read several papers on the exploitation of cache latency to defeat
> aslr (kernel or not), it appears that disabling the rdtsc instruction is a
> good mitigation on x86. However, some applications can legitimately use it,
> so I would rather suggest restricting it to root instead.

I may not understand some of your premises. Why do you single out the rdtsc instruction instead of other time sources? What do you mean by "legitimately" use rdtsc?

It seems to me that it is legitimate for a user to use a high-resolution timer to profile some code that's under development. They may want to avoid running that code with root privileges under most circumstances.

Dave

--
David Young
dyo...@pobox.com    Urbana, IL    (217) 721-9981