> Date: Mon, 2 Oct 2017 21:42:11 +0200
> From: Joerg Sonnenberger <jo...@bec.de>
>
> On Mon, Oct 02, 2017 at 07:23:16PM +0000, Maxime Villard wrote:
> > Add a machdep.tsc_user_enable sysctl, to enable/disable the rdtsc
> > instruction in usermode. It defaults to enabled.
>
> Do we really need this change? I've said it before, I consider this a
> really stupid idea and effectively useless complexity. rdtsc is not
> necessary for precision measurement as long as an attacker is willing to
> waste CPU time, i.e. having one core spinning incrementing a counter and
> reading that one of a second core will give fairly accurate measurements
> as long as both cores are near each other. It's normally not that
> difficult to ensure that.

Concur. The way to thwart timing side channel attacks is not to pretend attackers don't have stop-watches; it's to avoid the variable timing that creates the side channels in the first place.
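
The following is an added example, not part of the original thread or of NetBSD's code: it contrasts an early-exit byte comparison, whose work depends on the secret, with a comparison that does fixed work, which is the kind of fix the reply argues for. The function names, the `steps` instrumentation counter and the sample bytes are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data: a secret and two wrong guesses. */
static const uint8_t SECRET[8]    = {0x13, 0x37, 0xc0, 0xde, 0xfe, 0xed, 0xbe, 0xef};
static const uint8_t BAD_FIRST[8] = {0x00, 0x37, 0xc0, 0xde, 0xfe, 0xed, 0xbe, 0xef};
static const uint8_t BAD_LAST[8]  = {0x13, 0x37, 0xc0, 0xde, 0xfe, 0xed, 0xbe, 0x00};

/* Early-exit comparison: the loop stops at the first mismatch, so the amount
 * of work (and therefore the running time) depends on how many leading bytes
 * match the secret. *steps counts loop iterations; it exists only to make
 * that dependence visible without needing any clock. */
static int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i])
            return 0;
    }
    return 1;
}

/* Fixed-work comparison: every byte is always read, differences are folded
 * into an accumulator with XOR/OR, and there is no branch on secret data.
 * The volatile accumulator discourages the compiler from reintroducing an
 * early exit. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    volatile uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return diff == 0;
}

int main(void)
{
    size_t s_first, s_last;
    leaky_equal(SECRET, BAD_FIRST, sizeof SECRET, &s_first);
    leaky_equal(SECRET, BAD_LAST, sizeof SECRET, &s_last);
    printf("early-exit: %zu vs %zu iterations\n", s_first, s_last);
    ct_equal(SECRET, BAD_FIRST, sizeof SECRET, &s_first);
    ct_equal(SECRET, BAD_LAST, sizeof SECRET, &s_last);
    printf("fixed-work: %zu vs %zu iterations\n", s_first, s_last);
    return 0;
}
```

With the second function the iteration count is the same for every input of a given length, so no timer, rdtsc or otherwise, has a data-dependent difference to measure. On NetBSD, `consttime_memequal(3)` provides this kind of comparison in libc.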