Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp2940997pxb; Mon, 25 Jan 2021 02:47:09 -0800 (PST) X-Google-Smtp-Source: ABdhPJwT+/RSsYrG7OIPWuZaL9ApCVXESh3ZDFVr00wIg+GUMQRGxmtA1yaQdHp01qbUxULZI0g6 X-Received: by 2002:a05:6402:1e5:: with SMTP id i5mr1208259edy.86.1611571629693; Mon, 25 Jan 2021 02:47:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1611571629; cv=none; d=google.com; s=arc-20160816; b=eP6FAlbjCC4ZhqTwk8gNvAZKRT50NiQZeXDKlh+5L+hBC9V/snnsnFDo6+ZYtnT488 /idf8OjtdkTL2JkIQ1SmwrjGSXDa69WZZz/YctF9J7isnlhR5uyKgcaJ4Z3v+oWQh06O kPhdeOJZWtuG9lQBEURVkPzoLwTd/QsJ+t15WiAFT9LeiHEVCl/3M8RAiO7IwSx2zJfs mW7l0pO6uWykMkd1j+xyr7oINAr0BMgmMJHIMogjTHXLBgRV3f0lctdOOUbUzr0rvpFr lcV+sqlRqR0dgst/1vfVzrfQYJDuVNFXV9oPpwABnMW+zmf+2FO77h/mqEbcDF+fWUJM +aKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:organization :from:references:cc:to:subject:ironport-sdr:ironport-sdr; bh=t5tB6VUpNG11/pN9KmujDtsc+VH7qCm/N1M6t9mSxhQ=; b=cKLzcXfiq71r163kAfBCzJEoYLikX+Y+NAbDl9Nj5OVnqkCPeAn1mJrn2we4NtRA9X ztrgONFMM9LhJNDXb8zCQeT4Idsw2J7mZHDydDVNuEh9RMiwwqN9y0mrWBw5IMLt6uY7 nIFzE0cr8IgRJPamHg4LVIKHQvTt/UrBMMGgLpxpel3nAq6ASLW6YKNuWr0MAbYBV7A6 CEEknaZWzd4w+ZOCxNmAQXp9qfhZlhMXuVozg7ZaOiwVK+Z3l5eN9kKJvfHtu1FsK1bv 1htGQtyc0/hv8Md8WKdio+yS5uwhdX8M+U6pRH7y5Uatlze+cKYC/QEP4KWKqwxY5MWa D0HA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w9si7047391edr.281.2021.01.25.02.46.46; Mon, 25 Jan 2021 02:47:09 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727494AbhAYKlX (ORCPT + 99 others); Mon, 25 Jan 2021 05:41:23 -0500 Received: from mga18.intel.com ([134.134.136.126]:14078 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727423AbhAYKhl (ORCPT ); Mon, 25 Jan 2021 05:37:41 -0500 IronPort-SDR: Nkcf3k0VB3i9oL8GLtTcasCPxzZvIqI28JAjnyptGYc83wKlpjajBLGIrdxvMmTLXeLCbd3xr9 QKqXF/iwbtDw== X-IronPort-AV: E=McAfee;i="6000,8403,9874"; a="167358140" X-IronPort-AV: E=Sophos;i="5.79,372,1602572400"; d="scan'208";a="167358140" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Jan 2021 00:08:30 -0800 IronPort-SDR: +yed1xN/jKxYgQSYnlV82Hldq/lmX9jM0EfNi8kT917T/sfidv4AAiqvN61YAqMDp2sAgl/AF+ ucNkTjPGuIeg== X-IronPort-AV: E=Sophos;i="5.79,372,1602572400"; d="scan'208";a="387230072" Received: from likexu-mobl1.ccr.corp.intel.com (HELO [10.238.4.93]) ([10.238.4.93]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Jan 2021 00:08:26 -0800 Subject: Re: [PATCH v3 00/17] KVM: x86/pmu: Add support to enable Guest PEBS via DS To: Peter Zijlstra , Sean Christopherson , Andi Kleen Cc: "Xu, Like" , Kan Liang , Paolo Bonzini , eranian@google.com, kvm@vger.kernel.org, Ingo Molnar , Thomas Gleixner , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , wei.w.wang@intel.com, luwei.kang@intel.com, linux-kernel@vger.kernel.org References: <20210104131542.495413-1-like.xu@linux.intel.com> <20210115182700.byczztx3vjhsq3p3@two.firstfloor.org> From: Like Xu Organization: Intel OTC Message-ID: Date: Mon, 25 Jan 2021 16:08:22 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Peter, On 2021/1/22 17:56, Peter Zijlstra wrote: > On Fri, Jan 15, 2021 at 10:51:38AM -0800, Sean Christopherson wrote: >> On Fri, Jan 15, 2021, Andi Kleen wrote: >>>> I'm asking about ucode/hardare. Is the "guest pebs buffer write -> PEBS PMI" >>>> guaranteed to be atomic? >>> >>> Of course not. >> >> So there's still a window where the guest could observe the bad counter index, >> correct? > > Guest could do a hypercall to fix up the DS area before it tries to read > it I suppose. Or the HV could expose the index mapping and have the > guest fix up it. A weird (malicious) guest would read unmodified PEBS records in the guest PEBS buffer from other vCPUs without the need for hypercall or index mapping from HV. Do you see any security issues on this host index leak window? > > Adding a little virt crud on top shouldn't be too hard. > The patches 13-17 in this version has modified the guest PEBS buffer to correct the index mapping information in the guest PEBS records. --- thx,likexu