Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp6610054ybi; Wed, 29 May 2019 10:14:08 -0700 (PDT) X-Google-Smtp-Source: APXvYqyQ+jrYYy1qzkONLiD4GaZOzmf2BG1SoJH1aBiKCHjHGAl/8GOr2QdnrLuxV1rVgyptKasu X-Received: by 2002:a17:902:9698:: with SMTP id n24mr57617627plp.118.1559150048800; Wed, 29 May 2019 10:14:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559150048; cv=none; d=google.com; s=arc-20160816; b=BTadRTsDb8UfPcRhntmv59tvtw6rTJjXLdtkAln6JcSLWdmmfyh6nsyVcjKBy32yYd 1UkYy7OHUc//vWA6g0h5BsNq8S+vcfyRUT5paLvYW7FKdkrV6AgZzg1jy+69/hhgM9wX kySeYnfsqni3bei+Kqe1j6uVwky6clDDEFcs2eFITYGMaO6UzHzSahDTp2oemLm3RQws 3ZGzb/JM7fnz8XlHHo0tPLGqJK2sypv+GXH+7YZ7yvM0iz/LtXIeLWt9VsbOTlDxNZ58 XwA65LQ8xA2Q5M3b1T+9WobMnq/fNXu06q5veNZzY4jMCfKS3vrD3n6IhmzUELTwsamc /mHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=gtZZ2mauCSyv5FIfi7408NboHJJId3G3Hf0s1vyrqGw=; b=g7JX9fkknUiGCoF4jCDn5QcvUBwrBcg+oOuNzL2B80ye4I9FLoaNaIsbQTLTDf+sBW tS8IS7iJiDK+FueLbjOaeMmG9KgfQhOKNfXSQvdBXTPteA26X8j9/PGIx6C9RvYtFWjU OTHieedoVWTC9bA0SU4rsEcljtaYtzqDyPN1hAYMjExdMYzvd94eDzDlBNdlui56Cim/ gxKAGMXwepxSwyS0d1uZ9rcg0pj7F0mrX/nKnHlc9X98lJbwX51cPexQknoC8U863ASh Jx8uLHYpfdMO2v4PR48Wi6cv21eEBQR2pMvemNUoyWauzUwQN5tG+RRSCN9yjQfxpoYH rIsA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=eGDWJ39i; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id gn12si157508plb.394.2019.05.29.10.13.52; Wed, 29 May 2019 10:14:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=eGDWJ39i; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726828AbfE2RMN (ORCPT + 99 others); Wed, 29 May 2019 13:12:13 -0400 Received: from mail-ed1-f66.google.com ([209.85.208.66]:35115 "EHLO mail-ed1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726102AbfE2RMN (ORCPT ); Wed, 29 May 2019 13:12:13 -0400 Received: by mail-ed1-f66.google.com with SMTP id p26so4914002edr.2 for ; Wed, 29 May 2019 10:12:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=gtZZ2mauCSyv5FIfi7408NboHJJId3G3Hf0s1vyrqGw=; b=eGDWJ39iOdOntTvkvhZiKKpZL9AQLAIKs6vpVsHcTKkwqUnNwzQw62hBfGXmb+SdiS 14SiapDyFWOZcySaVYui2GNfXxjkehfn+X1bGglg6DoOHmEbpGJOeSZ6x2FI6pATAZkw bQw1CpUHb9SH/+QIq6b0Gfh1PMgb5tIyZx0zLVnnFy1lYEpCDyrFrLzjsKrepfLLZEHP 44QqqYoL35GgLIyiWHy+EyQIwvrQ/SGT32gCDnXOlkCY4GVeW49+XmJnQsYKKkzJnNGJ /rsNUKfEbAn6QF0vhlRrS1OC8WvVB1r5t/EN6kzEybXipHqL71AnTOhk38sri5DFvHWW dALw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=gtZZ2mauCSyv5FIfi7408NboHJJId3G3Hf0s1vyrqGw=; b=Y3FWZpB2s664XUEP+IxPeDjjPN5BGDqoWQjcZg7KNe+OMDxu74HdFdS5Rab6U1BnIr 6L/U7olbXdUJ3FdjSDsybOcI0Oud/kASLVglQ4pN1g/lfTjJrG6KCYcAfgDd9UmAUOXP U8wz47JKLPunk9xy6Tc549dAmgFjwSHFJLmZpWF8eZ51MPjKSks2/gPYIDibM90rUoF4 mqi+TNMA91lk5yC61M3B2SmnhhyEi2Ai9W6UfgQLMVnmNOGtaytsrgndUiOwjlExmNwc bjK0zB6RnQeCIex8Cu89n8wBTDSJd0VL9vTzPNYiXMSmgeqn6Kl2KGDIP+oVSdj+YN1/ TJoA== X-Gm-Message-State: APjAAAXE/mP3Bmb85mZaMp7cD0jpm6MVBGNjIV5a2zRWzCNF7YUGszQq wWOU/L0bYUu22328YZXmvESVQ3ZQOrcdMSOKX5C3PE3KGGOIpA== X-Received: by 2002:a17:906:b6cb:: with SMTP id ec11mr5916187ejb.215.1559149930839; Wed, 29 May 2019 10:12:10 -0700 (PDT) MIME-Version: 1.0 References: <5CEC9667.30100@intel.com> <5CEE3AC4.3020904@intel.com> In-Reply-To: <5CEE3AC4.3020904@intel.com> From: Eric Hankland Date: Wed, 29 May 2019 10:11:59 -0700 Message-ID: Subject: Re: [PATCH v1] KVM: x86: PMU Whitelist To: Wei Wang Cc: pbonzini@redhat.com, rkrcmar@redhat.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 29, 2019 at 12:49 AM Wei Wang wrote: > > On 05/29/2019 02:14 AM, Eric Hankland wrote: > > On Mon, May 27, 2019 at 6:56 PM Wei Wang wrote: > >> On 05/23/2019 06:23 AM, Eric Hankland wrote: > >>> - Add a VCPU ioctl that can control which events the guest can monitor. > >>> > >>> Signed-off-by: ehankland > >>> --- > >>> Some events can provide a guest with information about other guests or the > >>> host (e.g. L3 cache stats); providing the capability to restrict access > >>> to a "safe" set of events would limit the potential for the PMU to be used > >>> in any side channel attacks. This change introduces a new vcpu ioctl that > >>> sets an event whitelist. If the guest attempts to program a counter for > >>> any unwhitelisted event, the kernel counter won't be created, so any > >>> RDPMC/RDMSR will show 0 instances of that event. > >> The general idea sounds good to me :) > >> > >> For the implementation, I would have the following suggestions: > >> > >> 1) Instead of using a whitelist, it would be better to use a blacklist to > >> forbid the guest from counting any core level information. So by default, > >> kvm maintains a list of those core level events, which are not supported to > >> the guest. > >> > >> The userspace ioctl removes the related events from the blacklist to > >> make them usable by the guest. > >> > >> 2) Use vm ioctl, instead of vcpu ioctl. The blacklist-ed events can be > >> VM wide > >> (unnecessary to make each CPU to maintain the same copy). > >> Accordingly, put the pmu event blacklist into kvm->arch. > >> > >> 3) Returning 1 when the guest tries to set the evetlsel msr to count an > >> event which is on the blacklist. > >> > >> Best, > >> Wei > > Thanks for the feedback. I have a couple concerns with a KVM > > maintained blacklist. First, I'm worried it will be difficult to keep > > such a list up to date and accurate (both coming up with the initial > > list since there are so many events, and updating it whenever any new > > events are published or vulnerabilities are discovered). > > Not sure about "so many" above. I think there should be much > fewer events that may need to be blacklisted. > > For example the event table 19-3 from SDM 19.2 shows hundreds of > events, how many of them would you think that need to be blacklisted? > > > Second, users > > may want to differentiate between whole-socket and sub-socket VMs > > (some events may be fine for the whole-socket case) - keeping a single > > blacklist wouldn't allow for this. > > Why wouldn't? > In any case (e.g. the whole socket dedicated to the single VM) we > want to unlock the blacklisted events, we can have the userspace > (e.g. qemu command line options "+event1, +event2") do ioctl to > have KVM do that. > > Btw, for the L3 cache stats event example, I'm not sure if that could > be an issue if we have "AnyThread=0". I'll double confirm with > someone. > > Best, > Wei > Not sure about "so many" above. I think there should be much > fewer events that may need to be blacklisted. I think you're right that there are not as many events that seem like they could leak info as events that seem like they won't, but I think the work to validate that they definitely don't could be expensive; with a whitelist it's easy to start with a smaller set and incrementally add to it without having to evaluate all the events right away. > > (some events may be fine for the whole-socket case) - keeping a single > > blacklist wouldn't allow for this. > > Why wouldn't? Ah I think I misunderstood your proposal (as an ioctl that would just enable a hardcoded blacklist). Now that I understand, my main objection is just the above (coupled with the trouble of needing to maintain the "default" blacklist). Eric