[Whonix-devel] DRAMA countermeasures
bancfc at openmailbox.org
Sat Aug 27 21:05:55 CEST 2016
I had an interesting alternative in mind based on some of the other
mitigation advice: blocking timing information as a possible solution.
With KVM, CPU instructions can be masked out by QEMU and not be
available to guests. I already blacklisted clflush some time ago. The
different variants of the tsc instruction are not passed through by
default either.
All timers except acpi_pm are disabled too.
I was wondering how helpful all this is, and how much this remaining
timer can aid attacks?
Are we in the clear if I figure out how to eliminate acpi_pm?
Details on acpi_pm precision:
"The ACPI Power Management Timer (or ACPI PMT) is yet another clock
device included in almost all ACPI-based motherboards. Its clock signal
has a fixed frequency of roughly 3.58 MHz. The device is actually a
simple counter increased at each clock tick"
https://stackoverflow.com/a/7987771
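As an added illustration (not part of the post above, and not Whonix or QEMU code), here is a small guest-side audit that reads the two places a VM administrator would check to see which timing primitives the guest still advertises after masking: the CPUID flags the kernel prints in /proc/cpuinfo, and the kernel's clocksource list under /sys. Both inputs are taken as text so the function runs offline against the constructed samples below; the sample flag lines and clocksource lists are made up for this example and do not describe any real Whonix build. One caveat the check makes visible: removing a feature bit with QEMU's cpu model (for instance the clflush flag) only hides it from software that asks CPUID; it does not make the instruction itself fault, so the audit reports what is advertised, not what is trapped.

```python
"""Guest-side audit of the timing surface left after QEMU/KVM masking.

Added example for the Whonix-devel thread; not project code.  Reads
/proc/cpuinfo flags and the Linux clocksource sysfs files (or text
samples in the same format) and reports which timing-relevant CPUID
flags and which clocksources the guest can see.

Note: a hidden CPUID bit does not by itself cause the instruction to
fault.  This audit therefore reports advertised features only.
"""
import os

# CPUID flag names as printed by the Linux kernel, with why each matters
# for a cache- or DRAM-timing side channel.
TIMING_FLAGS = {
    "clflush": "explicit cache-line flush (flush+reload style probes)",
    "clflushopt": "optimised CLFLUSH variant",
    "rdtscp": "serialising TSC read",
    "constant_tsc": "TSC ticks at a fixed rate regardless of P-state",
    "tsc": "time-stamp counter present at all",
}

# ACPI PM timer: nominal 3.579545 MHz counter ("roughly 3.58 MHz" in the
# quoted description).  Its period bounds the finest interval it resolves.
ACPI_PM_HZ = 3_579_545

CLOCKSOURCE_SYSFS = "/sys/devices/system/clocksource/clocksource0"


def parse_cpuinfo_flags(cpuinfo_text):
    """Return the set of flags from the first 'flags' line of /proc/cpuinfo."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            return set(line.split(":", 1)[1].split())
    return set()


def audit_timing_surface(cpuinfo_text, available_clocksources_text,
                         current_clocksource_text):
    """Summarise advertised timing flags and clocksources as a dict."""
    flags = parse_cpuinfo_flags(cpuinfo_text)
    advertised = {f: why for f, why in TIMING_FLAGS.items() if f in flags}
    sources = available_clocksources_text.split()
    current = current_clocksource_text.strip()
    return {
        "advertised_flags": advertised,
        "available_clocksources": sources,
        "current_clocksource": current,
        # Resolution hint for the one timer the post could not remove.
        "acpi_pm_period_ns": (round(1e9 / ACPI_PM_HZ, 1)
                              if "acpi_pm" in sources else None),
    }


def audit_live():
    """Run the audit against the real files of the guest this runs on."""
    with open("/proc/cpuinfo") as f:
        cpuinfo = f.read()
    with open(os.path.join(CLOCKSOURCE_SYSFS, "available_clocksource")) as f:
        available = f.read()
    with open(os.path.join(CLOCKSOURCE_SYSFS, "current_clocksource")) as f:
        current = f.read()
    return audit_timing_surface(cpuinfo, available, current)


# Constructed sample: a guest where clflush and rdtscp are hidden and only
# acpi_pm remains, as described in the post.  The flag list is invented.
SAMPLE_CPUINFO_MASKED = (
    "processor\t: 0\n"
    "vendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca "
    "cmov pat pse36 mmx fxsr sse sse2 syscall nx lm hypervisor\n"
)
SAMPLE_AVAILABLE_MASKED = "acpi_pm\n"
SAMPLE_CURRENT_MASKED = "acpi_pm\n"

# Constructed sample: an unmodified guest, for contrast.
SAMPLE_CPUINFO_DEFAULT = SAMPLE_CPUINFO_MASKED.replace(
    "lm hypervisor", "lm constant_tsc rdtscp clflush clflushopt hypervisor")
SAMPLE_AVAILABLE_DEFAULT = "kvm-clock tsc hpet acpi_pm\n"
SAMPLE_CURRENT_DEFAULT = "kvm-clock\n"


def report(result):
    """Print a short human-readable summary of an audit result."""
    print("advertised timing flags:")
    for flag, why in sorted(result["advertised_flags"].items()):
        print(f"  {flag:12s} {why}")
    print("available clocksources:", " ".join(result["available_clocksources"]))
    print("current clocksource:   ", result["current_clocksource"])
    if result["acpi_pm_period_ns"] is not None:
        print(f"acpi_pm period:         ~{result['acpi_pm_period_ns']} ns")


if __name__ == "__main__":
    for label, args in (("masked guest", (SAMPLE_CPUINFO_MASKED,
                                          SAMPLE_AVAILABLE_MASKED,
                                          SAMPLE_CURRENT_MASKED)),
                        ("default guest", (SAMPLE_CPUINFO_DEFAULT,
                                           SAMPLE_AVAILABLE_DEFAULT,
                                           SAMPLE_CURRENT_DEFAULT))):
        print(f"== {label} ==")
        report(audit_timing_surface(*args))
    if os.path.exists("/proc/cpuinfo") and os.path.isdir(CLOCKSOURCE_SYSFS):
        print("== this guest ==")
        report(audit_live())
```

Running it on a real guest appends a third section built from the live files; on the constructed samples, the masked guest shows only the base tsc flag and a single acpi_pm clocksource with a period of about 279 ns, which is the granularity the post is asking about.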