Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp7748283ybi; Thu, 6 Jun 2019 00:33:12 -0700 (PDT) X-Google-Smtp-Source: APXvYqxQ81Plyhq0pB2bU4/dSXZataU9Mg8tB2kzksn6lbcIhzuUvuuWZ5OO1vZsDoez8gE668I1 X-Received: by 2002:a65:60d2:: with SMTP id r18mr2063741pgv.217.1559806392153; Thu, 06 Jun 2019 00:33:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559806392; cv=none; d=google.com; s=arc-20160816; b=tLzdSTp7mvlVKnRzykXRgjUiojQrp8VYfTLnDH8Flnj929DMMa8vh+HBYhFVCO3z1z 8pTeq0PTKqsLE7JgFyvX4FdreMlhtUUTNLirGv20/oiae0UpbgfU5YDa6wuL6KaFZtTI WB4CqzczpYxtjT1U1Lu1iit12FO24/2nkCF/drKLRJF6WO2akY9mTSpgzrSTZwYXblcd TuIYC4f45ShMLCCUXnJbcH15vUKWBsH1hythE8VGdPVi0I4xXIOyKGgzdw7wlSRqhksn 3Uxl5CIorKkCDArfinVD4BSzdFTGTar9S9yLAo32FgtMe58SDP3Phx8WAT8Ps1gJ3/xW P2mg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:in-reply-to :references:subject:cc:to:mime-version:user-agent:from:date :message-id; bh=ee5IeJ9664fcz0j9PaCUuyJsjUnLIHmeCRCvSGKIC+w=; b=QuJ85kfjS+Z2Gi46pj4DeqM/8H6DcQh+GP6yHcZ/PIVULXC5JAGI4w7GL0beAI292J 9sdH7SwX2lE6BTRv3v7GHyagPljQATeD0p3l9LIK4r+qH9qGiT9u9fOGlRObBifjJFVF vZ0O83Scz4xdlJZLlfz18Rcr2q8zmXB7oDc5LJIIrcqzlQWn5A3FPkZwNFuvuGTMlzxP 0sjjr1K9Ycc2x4R4SiXpktE9WmYzMJCWe5o1tkJ+B3vJunRY0nfrqie6VYs/WmotFNas KYm4dUGjiZlHqb+oJVMaEmzC1097vrhF2FJ1btlemUFRcSYWvsHL+av+Rp7mc6SqTwvW mSjw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p21si1001901plq.328.2019.06.06.00.32.50; Thu, 06 Jun 2019 00:33:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726762AbfFFHbP (ORCPT + 99 others); Thu, 6 Jun 2019 03:31:15 -0400 Received: from mga05.intel.com ([192.55.52.43]:48979 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726014AbfFFHbP (ORCPT ); Thu, 6 Jun 2019 03:31:15 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 00:31:09 -0700 X-ExtLoop1: 1 Received: from unknown (HELO [10.239.13.7]) ([10.239.13.7]) by fmsmga007.fm.intel.com with ESMTP; 06 Jun 2019 00:31:08 -0700 Message-ID: <5CF8C272.7050808@intel.com> Date: Thu, 06 Jun 2019 15:36:18 +0800 From: Wei Wang User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Eric Hankland CC: Cfir Cohen , Paolo Bonzini , rkrcmar@redhat.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Stephane Eranian Subject: Re: [PATCH v1] KVM: x86: PMU Whitelist References: <5CEC9667.30100@intel.com> <5CEE3AC4.3020904@intel.com> <5CF07D37.9090805@intel.com> <5CF2599B.3030001@intel.com> <5CF5F6AE.90706@intel.com> In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 06/06/2019 05:35 AM, Eric Hankland wrote: >>> Right - I'm aware there are other ways of detecting this - it's still >>> a class of events that some people don't want to surface. I'll ask if >>> there are any better examples. > I asked and it sounds like we are treating all events as potentially > insecure until they've been reviewed. If Intel were to publish > official (reasonably substantiated) guidance stating that the PMU is > secure, then I think we'd be happy without such a safeguard in place, > but short of that I think we want to err on the side of caution. > I'm not aware of any vendors who'd published statements like that. Anyway, are you ready to share your QEMU patches or the events you want to be on the whitelists? Best, Wei