Maxime Villard <m...@m00nbsd.net> wrote: |Having read several papers on the exploitation of cache latency to defeat |aslr (kernel or not), it appears that disabling the rdtsc instruction is a |good mitigation on x86. However, some applications can legitimately use it, |so I would rather suggest restricting it to root instead.
I have used it for random noise in user space. I don't want to paste it, it is so ridiculous…, but then again a nice example of user space horror – you may skip the rest at your will. |The idea is simple: we set CR4_TSD in %cr4, the first time an application |uses rdtsc it faults, we look at the creds of the lwp, if it is root we I used it to add noise to my ARC4 random generator upon ()()/call() time, as in // strong (noisy) generator? if(m_d.flags & f_strong) { #if(__HAVE_RAND_CRYPTOHW) if(__RAND_CRYPTOHW_OK) { ret = ::__sf_sys_misc_rand_Strong(); goto jout; } else #endif addNoise(); } where this was #if(__HAVE_RAND_CRYPTOHW) if(!m_d.enpy) goto jout; #endif #if(!__HAVE_RAND_NOISE) ep.now().setSecond(ep.second() ^ ep.microsecond()) .setMicrosecond(_WEAK(ep.microsecond())); addNoise(ep.tv(), szof(Epoch::TimeVal)); #else x = ::__sf_sys_misc_rand_Noise(); stack[0] = x; x = _WEAK(x); stack[1] = x; addNoise(stack, szof(stack)); #endif #if(__HAVE_RAND_CRYPTOHW) jout: #endif and that with args did a loop that used "random" bytes of the given "stack" as noise additions to the internal entropy (and doing one ARC4 stir after each addition). |What about this? No longer of any value, it seems to me. --steffen