Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752627AbbF1PK5 (ORCPT <rfc822;w@1wt.eu>);
	Sun, 28 Jun 2015 11:10:57 -0400
Received: from out3-smtp.messagingengine.com ([66.111.4.27]:39999 "EHLO
	out3-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1752533AbbF1PKx (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Sun, 28 Jun 2015 11:10:53 -0400
X-Sasl-enc: 5x79t5H9t24DFKIUXx1mgRCCXLMCkLDOPpWO2AdGKxqg 1435504252
Date: Sun, 28 Jun 2015 12:10:49 -0300
From: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
To: Prarit Bhargava <prarit@redhat.com>
Cc: Andy Lutomirski <luto@amacapital.net>, Ingo Molnar <mingo@kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "H. Peter Anvin" <hpa@zytor.com>, Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, X86 ML <x86@kernel.org>,
        Len Brown <len.brown@intel.com>,
        Dasaratharaman Chandramouli 
	<dasaratharaman.chandramouli@intel.com>,
        Peter Zijlstra <a.p.zijlstra@chello.nl>,
        Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>,
        Denys Vlasenko <dvlasenk@redhat.com>, Brian Gerst <brgerst@gmail.com>,
        Arnaldo Carvalho de Melo <acme@infradead.org>
Subject: Re: [PATCH] x86, msr: Allow read access to /dev/cpu/X/msr
Message-ID: <20150628151049.GB20989@khazad-dum.debian.net>
References: <1435341131-3279-1-git-send-email-prarit@redhat.com>
 <20150627083354.GA12834@gmail.com>
 <20150627083921.GA13074@gmail.com>
 <CALCETrXpiMWwiAfbxcKTDYCewrwq-UTwLV+xXTxdOkd+B3G-OQ@mail.gmail.com>
 <559005DD.3070003@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <559005DD.3070003@redhat.com>
X-GPG-Fingerprint1: 4096R/39CB4807 C467 A717 507B BAFE D3C1  6092 0BD9 E811
 39CB 4807
X-GPG-Fingerprint2: 1024D/1CDB0FE3 5422 5C61 F6B7 06FB 7E04  3738 EE25 DE3F
 1CDB 0FE3
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1008
Lines: 21

On Sun, 28 Jun 2015, Prarit Bhargava wrote:
> Is it easier to blacklist MSRs we don't want generally exposed, or only expose
> the ones that we think are safe?  That's sort of a devil's advocate sort of
> question ;) and I'm wondering what the shorter list is.

The only way to make MSR access safe is to allow it only by whitelisting.
The x86 platform restricts all MSR access to ring 0 for a damn good reason.

Also, such a whitelist would most likely need to be vendor and model-aware,
and to differentiate "allow reads" from "allow writes"...

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/