From: Jim Mattson
Date: Fri, 10 Dec 2021 19:48:27 -0800
Subject: Re: [PATCH] KVM: x86/svm: Add module param to control PMU virtualization
To: Paolo Bonzini
Cc: Like Xu, Maxim Levitsky, Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
References: <20211117080304.38989-1-likexu@tencent.com> <438d42de-78e1-0ce9-6a06-38194de4abd4@redhat.com>
In-Reply-To: <438d42de-78e1-0ce9-6a06-38194de4abd4@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Dec 10, 2021 at 6:15 PM Paolo Bonzini wrote:
>
> On 12/10/21 20:25, Jim Mattson wrote:
> > In the long run, I'd like to be able to override this system-wide
> > setting on a per-VM basis, for VMs that I trust. (Of course, this
> > implies that I trust the userspace process as well.)
> >
> > How would you feel if we were to add a kvm ioctl to override this
> > setting, for a particular VM, guarded by an appropriate permissions
> > check, like capable(CAP_SYS_ADMIN) or capable(CAP_SYS_MODULE)?
>
> What's the rationale for guarding this with a capability check? IIRC
> you don't have such checks for perf_event_open (apart from getting kernel
> addresses, which is not a problem for virtualization).

My reasoning was simply that for userspace to override a mode 0444
kernel module parameter, it should have the rights to reload the
module with the parameter override. I wasn't thinking specifically
about PMU capabilities.