[webkit-dev] Request for position: Aligning high-resolution timer granularity to cross-origin isolated capability

Ryosuke Niwa rniwa at webkit.org
Thu Mar 18 01:49:51 PDT 2021


On Thu, Mar 18, 2021 at 12:26 AM Yoav Weiss via webkit-dev
<webkit-dev at lists.webkit.org> wrote:
>
> On Wed, Mar 17, 2021 at 5:51 PM Geoff Garen <ggaren at apple.com> wrote:
>>
>> For the 100 microsecond value — our research suggests that you need a much higher value in vulnerable contexts.
>>
>> For the guaranteed isolated case — have you considered the use of high precision time to carry out non-Spectre timing attacks?
>
> Could you elaborate on those 2 points?

We've reached the conclusion, based on our prior research, that in order to
successfully mitigate the Spectre / Meltdown class of attacks, we can't
allow 100μs-precision timing measurements. As such, we have no plan or
desire to increase the precision of "high precision" time from 1ms to
100μs. I'm not going to provide details as to how or why due to the
nature of the topic.

The second point is that there are dangerous timing attacks besides
Spectre/Meltdown that are effective with a precision meaningfully
higher than 100μs. This is why the precision of WebKit's high
resolution time was reduced to 100μs in
https://trac.webkit.org/r209462 even before the Spectre /
Meltdown issue was identified. There is a large body of literature on the various
kinds of timing attacks possible, but again, I'd refrain from
disclosing details here.

- R. Niwa
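The coarsening the thread is about, as an added example that is not WebKit's code or part of the original message: a high-resolution timestamp is rounded down to a fixed granularity before script sees it, and a helper works out exactly which intervals a single coarsened reading can still separate. The granularities 1ms and 100μs are the ones discussed above; the fake time source and function names are this example's own.

```javascript
// Added example (not WebKit's code): coarsen a high-resolution timestamp to a
// fixed granularity, as a browser does before exposing it to script, and
// measure what one coarsened reading can and cannot resolve. Times are in
// milliseconds, the unit performance.now() reports; arithmetic is done in
// integer microseconds to avoid floating-point drift.

function toMicros(ms) {
  return Math.round(ms * 1000);
}

// Round a timestamp down to a multiple of the granularity.
function coarsen(timeMs, granularityMs) {
  const gUs = toMicros(granularityMs);
  return (Math.floor(toMicros(timeMs) / gUs) * gUs) / 1000;
}

// Wrap any fine-grained time source (a stand-in for performance.now here)
// so callers only ever see coarsened values.
function makeCoarsenedClock(source, granularityMs) {
  return () => coarsen(source(), granularityMs);
}

// Fraction of start offsets within one granule for which two events
// `deltaMs` apart produce *different* coarsened readings. Offsets are
// stepped at 1 microsecond, so the result is exact rather than sampled.
function distinguishableFraction(deltaMs, granularityMs) {
  const gUs = toMicros(granularityMs);
  const dUs = toMicros(deltaMs);
  let crossings = 0;
  for (let offset = 0; offset < gUs; offset++) {
    if (Math.floor(offset / gUs) !== Math.floor((offset + dUs) / gUs)) {
      crossings++;
    }
  }
  return crossings / gUs;
}

// An interval is resolved by every single reading only when it always
// crosses a granule boundary, i.e. when it is at least one granule long.
function alwaysResolvable(deltaMs, granularityMs) {
  return distinguishableFraction(deltaMs, granularityMs) === 1;
}
```

With a 1ms clock a 400μs interval changes the reading only 40% of the time and is never measured as 400μs; with a 100μs clock the same interval is seen every time, which is the difference in exposure the thread is weighing.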

