No. I've erased this reply several times as I thought of a mitigation to the problem I was going to state - but in the end nothing mitigates everything. Most of the ways to make this work are hard to get right - it is too easy to forget to mark something as unsafe, or in some other way allow data to the fast cores that the fast cores shouldn't have.
Even if you figure out how to do it though, you can still fall to a double failure: your safe code doesn't leak passwords via a timing attack, but via something else (buffer overflow?) it leaks the password to the unsafe side, which in turn leaks it via a timing attack.
Even if you figure out how to do it though, you can still fall to a double failure: your safe code doesn't leak passwords via a timing attack, but via something else (buffer overflow?) it leaks the password to the unsafe side, which in turn leaks it via a timing attack.