From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2A22C04AB5 for ; Thu, 6 Jun 2019 07:31:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 8341F20673 for ; Thu, 6 Jun 2019 07:31:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726742AbfFFHbP (ORCPT ); Thu, 6 Jun 2019 03:31:15 -0400 Received: from mga05.intel.com ([192.55.52.43]:48979 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726014AbfFFHbP (ORCPT ); Thu, 6 Jun 2019 03:31:15 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 00:31:09 -0700 X-ExtLoop1: 1 Received: from unknown (HELO [10.239.13.7]) ([10.239.13.7]) by fmsmga007.fm.intel.com with ESMTP; 06 Jun 2019 00:31:08 -0700 Message-ID: <5CF8C272.7050808@intel.com> Date: Thu, 06 Jun 2019 15:36:18 +0800 From: Wei Wang User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Eric Hankland CC: Cfir Cohen , Paolo Bonzini , rkrcmar@redhat.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Stephane Eranian Subject: Re: [PATCH v1] KVM: x86: PMU Whitelist References: <5CEC9667.30100@intel.com> <5CEE3AC4.3020904@intel.com> <5CF07D37.9090805@intel.com> <5CF2599B.3030001@intel.com> <5CF5F6AE.90706@intel.com> In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org On 06/06/2019 05:35 AM, Eric Hankland wrote: >>> Right - I'm aware there are other ways of detecting this - it's still >>> a class of events that some people don't want to surface. I'll ask if >>> there are any better examples. > I asked and it sounds like we are treating all events as potentially > insecure until they've been reviewed. If Intel were to publish > official (reasonably substantiated) guidance stating that the PMU is > secure, then I think we'd be happy without such a safeguard in place, > but short of that I think we want to err on the side of caution. > I'm not aware of any vendors who'd published statements like that. Anyway, are you ready to share your QEMU patches or the events you want to be on the whitelists? Best, Wei