Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp4951988ybi;
        Mon, 3 Jun 2019 21:38:44 -0700 (PDT)
X-Google-Smtp-Source: APXvYqz+e+nmsg4UWQP4xrFpTG0LsKXTjPSsk2OTlOKPUo02lX1Q0Weqwj9dV9GTunsv7S5z0LIg
X-Received: by 2002:a63:db4e:: with SMTP id x14mr34122780pgi.119.1559623124095;
        Mon, 03 Jun 2019 21:38:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1559623124; cv=none;
        d=google.com; s=arc-20160816;
        b=fZew1BNopFmGoMDoD2ee7kIRlxn5orxgKjECaJEDkfpLDRlPZmd8mWulh9loYSRFz2
         I+kquLWgHdwYOmu1kuDdMLJZo1f7MAntZQaCfr82y6besRd0P188GUm3cYy0O3X9JQG2
         NI9F6gF3fM48R5kl1/utFQ63cCkzMMyUx1Bc88TS0U+JZGXybqrdNTklhOVS1oJER/T8
         WSgtDdKOOEnd6bze3IZPOOMVjcyH+k9qQkp2J/q+L8UJRtd8tpOelKUpG9cyMOj2No7i
         UsNTrEXRjVvCHwR/fhRerP7FiFFUorLhXuL4RJXqJRvRmwweP2KdXAo4GkVIxzO7cv7I
         Yz5g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:in-reply-to
         :references:subject:cc:to:mime-version:user-agent:from:date
         :message-id;
        bh=Wtqtu7voJKUqPsRY3REeeEg4Gb+utewBYCiCPIhwE90=;
        b=yqT4n6Kc1BWApmK842c3ZLEJfBDa5YLTW1OpXuGWjKTC1q6KuaodZYnLeC5kc6ruj4
         7OUcJqJVFMp145INTgSBXHm5+IwuLS/rJ8xmE3YRwbyW+QIDEDj4rZcMzYI5qbmcPhmb
         WZ+Lj5QDlmgberE7dA6U7+8/Ndhq2bHeNL9/7KtELcycEgdD/AGSrUt8r/q66WnAp2Ed
         L7s0DqmbohH/vO4z38ZyEggkYxHetd6aPAugSDAx15ekofz/uiLYP7Xcs7XGg9rhUXXq
         PFMVcTmny+PZS8CqzC8CPoqA0iYKxqyoIO1EJlyU6SZZHO03HgtZCxunBUQMAHG/cPZ2
         06mw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g22si21386910pgb.107.2019.06.03.21.38.26;
        Mon, 03 Jun 2019 21:38:44 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726465AbfFDEhP (ORCPT <rfc822;testajctc@gmail.com> + 99 others);
        Tue, 4 Jun 2019 00:37:15 -0400
Received: from mga02.intel.com ([134.134.136.20]:46171 "EHLO mga02.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726136AbfFDEhP (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 4 Jun 2019 00:37:15 -0400
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga007.jf.intel.com ([10.7.209.58])
  by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 03 Jun 2019 21:37:14 -0700
X-ExtLoop1: 1
Received: from unknown (HELO [10.239.13.7]) ([10.239.13.7])
  by orsmga007.jf.intel.com with ESMTP; 03 Jun 2019 21:37:13 -0700
Message-ID: <5CF5F6AE.90706@intel.com>
Date:   Tue, 04 Jun 2019 12:42:22 +0800
From:   Wei Wang <wei.w.wang@intel.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To:     Eric Hankland <ehankland@google.com>
CC:     pbonzini@redhat.com, rkrcmar@redhat.com,
        linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Subject: Re: [PATCH v1] KVM: x86: PMU Whitelist
References: <CAOyeoRWfPNmaWY6Lifdkdj3KPPM654vzDO+s3oduEMCJP+Asow@mail.gmail.com> <5CEC9667.30100@intel.com> <CAOyeoRWhfyuuYdguE6Wrzd7GOdow9qRE4MZ4OKkMc5cdhDT53g@mail.gmail.com> <5CEE3AC4.3020904@intel.com> <CAOyeoRW85jV=TW_xwSj0ZYwPj_L+G9wu+QPGEF3nBmPbWGX4_g@mail.gmail.com> <5CF07D37.9090805@intel.com> <CAOyeoRXWQaVYZSVL_LTTdAwJOEr+eCzhp1=_JcOX3i6_CJiD_g@mail.gmail.com> <5CF2599B.3030001@intel.com> <CAOyeoRWuHyhoy6NB=O+ekQMhBFngozKoanWzArxgBk4DH2hdtg@mail.gmail.com>
In-Reply-To: <CAOyeoRWuHyhoy6NB=O+ekQMhBFngozKoanWzArxgBk4DH2hdtg@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 06/04/2019 01:30 AM, Eric Hankland wrote:
> On Sat, Jun 1, 2019 at 3:50 AM Wei Wang <wei.w.wang@intel.com> wrote:
>> My question is that have we proved that this indirect info leakage
>> indeed happens?
>> The spec states that the counter will count the related events generated by
>> the logical CPU with AnyThread=0. I would be inclined to trust the
>> hardware behavior
>> documented in the spec unless we could prove there is a problem.
> I'm not disputing the spec with regards to AnyThread=0; my point is
> that LLC contention can be quantified using the PMU regardless of
> whether or not you are measuring only the logical CPU you are running
> on.

So, I'm not sure if "quantifying LLC contention" has been proved to
be a real issue. If this is considered to be an issue:

- without PMU, we could also write a piece of software to run in the
guest to quantify that contention (e.g. by analyzing the memory access
latency). How do you prevent this?

- the same thing could also happen with the L1 cache (e.g. a vCPU
and a host thread run 2 logical CPUs on the same core). If this is disabled
as well, we may have very few events usable, and would like to see what you
have on the whitelist.


Best,
Wei