> Date: Tue, 28 Mar 2017 16:58:58 +0200
> From: Maxime Villard <m...@m00nbsd.net>
>
> Having read several papers on the exploitation of cache latency to defeat
> aslr (kernel or not), it appears that disabling the rdtsc instruction is a
> good mitigation on x86. However, some applications can legitimately use it,
> so I would rather suggest restricting it to root instead.

Put barriers in the way of legitimate applications to thwart hypothetical attackers who will... step around them and use another time source, of which there are many options in the system? This sounds more like cutting off the nose to spite the face than a good mitigation against real attacks.