[seL4] Re: Question about LionsOS

On 18 Apr 2024, at 13:13, Demi Marie Obenour wrote: properly implements mitigations. Time protection is a principled solution to side-channel attacks, but it requires that the time consumed by operations on sensitive data is not observable. This is actually not a correct summary of time protection (TP). In contrast, TP *ensures* that kernel operations are constant time, and that userspace operations do not produce observable timing variations across security domains. Having said that, TP isn’t in the mainline kernel and is still experimental. We’re planning to restart that project mid-year. Gernot