From: Andi Kleen
To: Borislav Petkov
Cc: Thomas Gleixner, Feng Tang, Ingo Molnar, "H. Peter Anvin", Peter Zijlstra, x86@kernel.org, linux-kernel@vger.kernel.org, rui.zhang@intel.com, andi.kleen@intel.com, dave.hansen@intel.com, len.brown@intel.com
Subject: Re: [PATCH] x86/msr: Block writes to certain MSRs unconditionally
Date: Sat, 10 Apr 2021 11:52:17 -0700
References: <1617092747-15769-1-git-send-email-feng.tang@intel.com> <87y2dq32xc.ffs@nanos.tec.linutronix.de> <20210410094752.GB21691@zn.tnic> <20210410121144.GC21691@zn.tnic>
In-Reply-To: <20210410121144.GC21691@zn.tnic> (Borislav Petkov's message of "Sat, 10 Apr 2021 14:11:44 +0200")
Message-ID: <87r1jiug4e.fsf@linux.intel.com>
List-ID: linux-kernel@vger.kernel.org

Borislav Petkov writes:

> From: Borislav Petkov
> Date: Sat, 10 Apr 2021 14:08:13 +0200
>
> There are a bunch of MSRs which luserspace has no business poking at,
> whatsoever. Add a ban list and put the TSC-related MSRs in there. Issue
> a big juicy splat to catch offenders.

Have you ever seen any user programs actually write those MSRs? I don't see why they ever would; it's not that they have any motivation to do it (unlike SMM), and I don't know of any examples.

The whole MSR blocking seems more like a tilting-at-windmills type effort. Rootkits typically write from the kernel anyways. And the only results we have so far are various legitimate debug and benchmark utilities running much slower due to them flooding the kernel log with warnings.

I can see that there are security reasons to lock down MSRs, but that is already handled fine with existing sandbox and lockdown mechanisms. But on a non-locked-down system, fully accessible MSRs are really useful for all kinds of debugging and tuning, and anything that prevents that is bad.

-Andi