What would be more sane alternatives, when it becomes obvious that any side-effect of timing is a potential attack vector?
See https://www.hertzbleed.com/ for frequency side channels.
I do only see dedicated security cores as options with fast data lanes to the CPU similar to what Apple is doing with Secure Enclave or do you have better suggestions that still allow performance and power savings?
amluto|3 months ago
This could be done using an opcode prefix, which would bloat code but would work perfectly. Or it could use an RFLAGS bit or a bit in MXCSR or a new register, etc.
Almost anything would be better than an MSR that is only accessible to privileged code.
cesarb|3 months ago
> Almost anything would be better than an MSR that is only accessible to privileged code.
ARM does that: their flag (DIT) is accessible by non-privileged code. If you know the architecture has that flag, either because your -march= is recent enough or because the operating system told you so through the hwcaps or the emulated id registers, you can use it freely without needing to switch to privileged mode through a syscall.