From: Megha Dey <megha.dey@linux.intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org
Cc: tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com,
andriy.shevchenko@linux.intel.com, kstewart@linuxfoundation.org,
yu-cheng.yu@intel.com, len.brown@intel.com,
gregkh@linuxfoundation.org, peterz@infradead.org,
acme@kernel.org, alexander.shishkin@linux.intel.com,
jolsa@redhat.com, namhyung@kernel.org,
vikas.shivappa@linux.intel.com, pombredanne@nexb.com,
me@kylehuey.com, bp@suse.de, grzegorz.andrejczuk@intel.com,
tony.luck@intel.com, corbet@lwn.net, ravi.v.shankar@intel.com,
megha.dey@intel.com, Megha Dey <megha.dey@linux.intel.com>
Subject: [PATCH V1 0/3] perf/x86/intel: Add Branch Monitoring support
Date: Sat, 11 Nov 2017 13:20:03 -0800 [thread overview]
Message-ID: <1510435206-16110-1-git-send-email-megha.dey@linux.intel.com> (raw)
This patchset adds support for Intel's branch monitoring feature. This
feature uses heuristics to detect the occurrence of an ROP(Return Oriented
Programming) or ROP like(JOP: Jump oriented programming) attack. These
heuristics are based off certain performance monitoring statistics,
measured dynamically over a short configurable window period. ROP is a
malware trend in which the attacker can compromise a return pointer held
on the stack to redirect execution to a different desired instruction.
Currently, only the Cannonlake family of Intel processors support this
feature. This feature is enabled by CONFIG_PERF_EVENTS_INTEL_BM.
Once the kernel is compiled with CONFIG_PERF_EVENTS_INTEL_BM=y on a
Cannonlake system, the following perf events are added which can be viewed
with perf list:
intel_bm/branch-misp/ [Kernel PMU event]
intel_bm/call-ret/ [Kernel PMU event]
intel_bm/far-branch/ [Kernel PMU event]
intel_bm/indirect-branch-misp/ [Kernel PMU event]
intel_bm/ret-misp/ [Kernel PMU event]
intel_bm/rets/ [Kernel PMU event]
A perf-based kernel driver has been used to monitor the occurrence of
one of the 6 branch monitoring events. There are 2 counters that each
can select between one of these events for evaluation over a specified
instruction window size (0 to 1023). For each counter, a threshold value
(0 to 127) can be configured to set a point at which an interrupt is
generated. Each task can monitor a maximum of 2 events at any given time.
Apart from the kernel driver, this patchset adds CPUID of Cannonlake
processors to Intel family list and the Documentation/x86/intel_bm.txt
file with some information about Intel Branch monitoring.
Changes V0->V1:
1. Used the 'is_sampling_event' function
2. Added support to monitor 2 events for every task
3. Corrected typos
4. Added a lock to prevent race condition in concurrent perf_event_open()s
5. Got rid of start()/stop() and added its functionality in add()/del()
6. Removed read() callback as it was not doing anything.
6. Removed code for sampling events as we do not support sampling.
7. Added 'id' member to hw_perf_event::intel_bm to track which counter the
event is using.
8. Moved MSR accesses to the add()/del() callbacks
Megha Dey (3):
x86/cpu/intel: Add Cannonlake to Intel family
perf/x86/intel/bm.c: Add Intel Branch Monitoring support
x86, bm: Add documentation on Intel Branch Monitoring
Documentation/x86/intel_bm.txt | 216 +++++++++++++
arch/x86/events/Kconfig | 10 +
arch/x86/events/intel/Makefile | 2 +
arch/x86/events/intel/bm.c | 618 ++++++++++++++++++++++++++++++++++++
arch/x86/include/asm/intel-family.h | 2 +
arch/x86/include/asm/msr-index.h | 5 +
arch/x86/include/asm/processor.h | 4 +
include/linux/perf_event.h | 9 +-
kernel/events/core.c | 16 +
9 files changed, 881 insertions(+), 1 deletion(-)
create mode 100644 Documentation/x86/intel_bm.txt
create mode 100644 arch/x86/events/intel/bm.c
--
1.9.1
next reply other threads:[~2017-11-11 21:04 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-11 21:20 Megha Dey [this message]
2017-11-11 21:20 ` [PATCH V1 1/3] x86/cpu/intel: Add Cannonlake to Intel family Megha Dey
2017-11-11 21:20 ` [PATCH V1 2/3] perf/x86/intel/bm.c: Add Intel Branch Monitoring support Megha Dey
2017-11-13 9:00 ` Peter Zijlstra
2017-11-13 19:22 ` Dey, Megha
2017-11-13 20:25 ` Thomas Gleixner
2017-11-13 22:14 ` Megha Dey
2017-11-11 21:20 ` [PATCH V1 3/3] x86, bm: Add documentation on Intel Branch Monitoring Megha Dey
2017-11-12 1:56 ` Randy Dunlap
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1510435206-16110-1-git-send-email-megha.dey@linux.intel.com \
--to=megha.dey@linux.intel.com \
--cc=acme@kernel.org \
--cc=alexander.shishkin@linux.intel.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bp@suse.de \
--cc=corbet@lwn.net \
--cc=gregkh@linuxfoundation.org \
--cc=grzegorz.andrejczuk@intel.com \
--cc=hpa@zytor.com \
--cc=jolsa@redhat.com \
--cc=kstewart@linuxfoundation.org \
--cc=len.brown@intel.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=me@kylehuey.com \
--cc=megha.dey@intel.com \
--cc=mingo@redhat.com \
--cc=namhyung@kernel.org \
--cc=peterz@infradead.org \
--cc=pombredanne@nexb.com \
--cc=ravi.v.shankar@intel.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=vikas.shivappa@linux.intel.com \
--cc=x86@kernel.org \
--cc=yu-cheng.yu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).