This clearly demonstrates that kernel compromises are out of scope for this. It means that the threat model is probably only code that can mount side-channel attacks on the kernel to leak data but can’t mount side-channel attacks on userspace code to leak data. I guess you can compose this with a model (such as that encouraged by libsodium) where secrets are mapped no-access except when actually in use, limiting the window during which side channels can be exploited. I’m still struggling a bit to understand the threat model in which this is in the to twenty easiest attacks though.
This clearly demonstrates that kernel compromises are out of scope for this. It means that the threat model is probably only code that can mount side-channel attacks on the kernel to leak data but can’t mount side-channel attacks on userspace code to leak data. I guess you can compose this with a model (such as that encouraged by libsodium) where secrets are mapped no-access except when actually in use, limiting the window during which side channels can be exploited. I’m still struggling a bit to understand the threat model in which this is in the to twenty easiest attacks though.