CLKSCREW, Meltdown and Spectre Mitigation
This post presents a very short summary of CLKSCREW, Meltdown and Spectre mitigation strategies, links to each paper and a link to KAISER.
CLKSCREW, Meltdown and Spectre _all_ rely on counting CPU clocks. CLKSCREW also relies on the ability for one core to modify frequency and voltage that impacts another core (which may be running a trusted OS).
Summary of Mitigations Presented in Each Papers
Apply the KAISER patch to the Linux kernel and patches that accomplish the same thing for Windows and MacOS. This patch removes kernel mappings in userspace process, stopping Meltdown.
No good mitigation strategy is listed, apart from disabling speculative execution.
Randomize the timing of sensitive code or better: compile code with checksum integrity and execution redundancy.
Images from https://meltdownattack.com/