> Date: Mon, 2 Oct 2017 21:42:11 +0200
> From: Joerg Sonnenberger <joerg%bec.de@localhost>
>
> On Mon, Oct 02, 2017 at 07:23:16PM +0000, Maxime Villard wrote:
> > Add a machdep.tsc_user_enable sysctl, to enable/disable the rdtsc
> > instruction in usermode. It defaults to enabled.
>
> Do we really need this change? I've said it before, I consider this a
> really stupid idea and effectively useless complexity. rdtsc is not
> necessary for precision measurement as long as an attacker is willing to
> waste CPU time, i.e. having one core spinning incrementing a counter and
> reading that one of a second core will give fairly accurate measurements
> as long as both cores are near each other. It's normally not that
> difficult to ensure that.

Concur. The way to thwart timing side channel attacks is not to
pretend attackers don't have stop-watches; it's to avoid the variable
timing that creates the side channels in the first place.
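
The point of the reply above, as an added example (not part of the thread and not NetBSD code): an early-exit comparison does secret-dependent work that any clock can observe, while a constant-time comparison does the same work for every input. The secret, the function names and the `steps` counter (a deterministic stand-in for elapsed time) are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SECRET_LEN 8
/* Constructed sample secret, for illustration only. */
static const uint8_t SECRET[SECRET_LEN] = { 's','3','c','r','e','t','!','!' };

/* Early-exit compare: the work done depends on where the first mismatch is.
 * *steps gets the number of bytes examined, a deterministic proxy for time. */
int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) { *steps = i + 1; return 0; }
    }
    *steps = n;
    return 1;
}

/* Constant-time compare: every byte is examined and differences are
 * OR-accumulated, so there is no secret-dependent branch or early exit. */
int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    unsigned diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned)(a[i] ^ b[i]);
    *steps = n;
    return (int)(1u & ((diff - 1u) >> 8)); /* 1 iff diff == 0 */
}

/* Steps taken when the guess agrees with SECRET on its first `prefix` bytes. */
size_t steps_for_prefix(int use_ct, size_t prefix)
{
    uint8_t guess[SECRET_LEN];
    size_t steps = 0;
    for (size_t i = 0; i < SECRET_LEN; i++)
        guess[i] = (i < prefix) ? SECRET[i] : (uint8_t)(SECRET[i] ^ 0xff);
    if (use_ct) ct_equal(SECRET, guess, SECRET_LEN, &steps);
    else        leaky_equal(SECRET, guess, SECRET_LEN, &steps);
    return steps;
}

int main(void)
{
    for (size_t p = 0; p <= SECRET_LEN; p++)
        printf("prefix=%zu leaky=%zu ct=%zu\n", p,
               steps_for_prefix(0, p), steps_for_prefix(1, p));
    return 0;
}
```

With the leaky version the step count tracks the length of the correct prefix; with the constant-time version it is always `SECRET_LEN`, so the resolution of the observer's timer stops mattering.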