linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Peter Zijlstra <peterz@infradead.org>
To: Like Xu <like.xu@linux.intel.com>
Cc: Sean Christopherson <seanjc@google.com>,
	Andi Kleen <andi@firstfloor.org>, "Xu, Like" <like.xu@intel.com>,
	Kan Liang <kan.liang@linux.intel.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	eranian@google.com, kvm@vger.kernel.org,
	Ingo Molnar <mingo@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Wanpeng Li <wanpengli@tencent.com>,
	Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
	wei.w.wang@intel.com, luwei.kang@intel.com,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 00/17] KVM: x86/pmu: Add support to enable Guest PEBS via DS
Date: Mon, 25 Jan 2021 12:13:10 +0100	[thread overview]
Message-ID: <YA6nxuM5Stlolk5x@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <eb30d86f-6492-d6e3-3a24-f58c724f68fd@linux.intel.com>

On Mon, Jan 25, 2021 at 04:08:22PM +0800, Like Xu wrote:
> Hi Peter,
> 
> On 2021/1/22 17:56, Peter Zijlstra wrote:
> > On Fri, Jan 15, 2021 at 10:51:38AM -0800, Sean Christopherson wrote:
> > > On Fri, Jan 15, 2021, Andi Kleen wrote:
> > > > > I'm asking about ucode/hardare.  Is the "guest pebs buffer write -> PEBS PMI"
> > > > > guaranteed to be atomic?
> > > > 
> > > > Of course not.
> > > 
> > > So there's still a window where the guest could observe the bad counter index,
> > > correct?
> > 
> > Guest could do a hypercall to fix up the DS area before it tries to read
> > it I suppose. Or the HV could expose the index mapping and have the
> > guest fix up it.
> 
> A weird (malicious) guest would read unmodified PEBS records in the
> guest PEBS buffer from other vCPUs without the need for hypercall or
> index mapping from HV.
> 
> Do you see any security issues on this host index leak window?
> 
> > 
> > Adding a little virt crud on top shouldn't be too hard.
> > 
> 
> The patches 13-17 in this version has modified the guest PEBS buffer
> to correct the index mapping information in the guest PEBS records.

Right, but given there is no atomicity between writing the DS area and
triggering the PMI (as already established earlier in this thread), a
malicious guest can already access this information, no?


  reply	other threads:[~2021-01-26  6:07 UTC|newest]

Thread overview: 59+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-04 13:15 [PATCH v3 00/17] KVM: x86/pmu: Add support to enable Guest PEBS via DS Like Xu
2021-01-04 13:15 ` [PATCH v3 01/17] KVM: x86/pmu: Set MSR_IA32_MISC_ENABLE_EMON bit when vPMU is enabled Like Xu
2021-01-04 13:15 ` [PATCH v3 02/17] KVM: x86/pmu: Use IA32_PERF_CAPABILITIES to adjust features visibility Like Xu
2021-01-04 13:15 ` [PATCH v3 03/17] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter Like Xu
2021-01-13 18:06   ` Peter Zijlstra
2021-01-14  1:58     ` Xu, Like
2021-01-04 13:15 ` [PATCH v3 04/17] perf: x86/ds: Handle guest PEBS overflow PMI and inject it to guest Like Xu
2021-01-13 18:22   ` Peter Zijlstra
2021-01-13 18:27     ` Peter Zijlstra
2021-01-14  3:39     ` Xu, Like
2021-01-15 12:01       ` Peter Zijlstra
2021-01-15 14:30         ` Xu, Like
2021-01-15 14:44           ` Peter Zijlstra
2021-01-15 15:12             ` Xu, Like
2021-01-25  8:26             ` Like Xu
2021-01-25 11:47               ` Peter Zijlstra
2021-02-02  6:31                 ` Xu, Like
2021-01-14 18:55   ` Sean Christopherson
2021-01-15  2:49     ` Xu, Like
2021-01-15 17:42       ` Sean Christopherson
2021-01-22  5:30         ` Like Xu
2021-01-04 13:15 ` [PATCH v3 05/17] KVM: x86/pmu: Reprogram guest PEBS event to emulate guest PEBS counter Like Xu
2021-01-15 11:33   ` Peter Zijlstra
2021-01-15 13:53     ` Xu, Like
2021-01-04 13:15 ` [PATCH v3 06/17] KVM: x86/pmu: Add IA32_PEBS_ENABLE MSR emulation for extended PEBS Like Xu
2021-01-05 21:11   ` Sean Christopherson
2021-01-07 12:38     ` Xu, Like
2021-01-15 14:46   ` Peter Zijlstra
2021-01-15 15:29     ` Xu, Like
2021-01-04 13:15 ` [PATCH v3 07/17] KVM: x86/pmu: Add IA32_DS_AREA MSR emulation to manage guest DS buffer Like Xu
2021-01-05 21:16   ` Sean Christopherson
2021-01-08  3:05     ` Xu, Like
2021-01-04 13:15 ` [PATCH v3 08/17] KVM: x86/pmu: Add PEBS_DATA_CFG MSR emulation to support adaptive PEBS Like Xu
2021-01-04 13:15 ` [PATCH v3 09/17] KVM: x86: Set PEBS_UNAVAIL in IA32_MISC_ENABLE when PEBS is enabled Like Xu
2021-01-04 13:15 ` [PATCH v3 10/17] KVM: x86/pmu: Expose CPUIDs feature bits PDCM, DS, DTES64 Like Xu
2021-01-04 13:15 ` [PATCH v3 11/17] KVM: x86/pmu: Adjust precise_ip to emulate Ice Lake guest PDIR counter Like Xu
2021-01-04 13:15 ` [PATCH v3 12/17] KVM: x86/pmu: Disable guest PEBS when counters are cross-mapped Like Xu
2021-01-04 13:15 ` [PATCH v3 13/17] KVM: x86/pmu: Add hook to emulate pebs for cross-mapped counters Like Xu
2021-01-04 13:15 ` [PATCH v3 14/17] KVM: vmx/pmu: Limit pebs_interrupt_threshold in the guest DS area Like Xu
2021-01-04 13:15 ` [PATCH v3 15/17] KVM: vmx/pmu: Rewrite applicable_counters field in guest PEBS records Like Xu
2021-01-04 13:15 ` [PATCH v3 16/17] KVM: x86/pmu: Save guest pebs reset values when pebs is configured Like Xu
2021-01-04 13:15 ` [PATCH v3 17/17] KVM: x86/pmu: Adjust guest pebs reset values for crpss-mapped counters Like Xu
2021-01-14 19:10 ` [PATCH v3 00/17] KVM: x86/pmu: Add support to enable Guest PEBS via DS Sean Christopherson
2021-01-15  2:02   ` Xu, Like
2021-01-15 17:57     ` Sean Christopherson
2021-01-15 18:27       ` Andi Kleen
2021-01-15 18:51         ` Sean Christopherson
2021-01-15 19:11           ` Andi Kleen
2021-01-22  9:56           ` Peter Zijlstra
2021-01-25  8:08             ` Like Xu
2021-01-25 11:13               ` Peter Zijlstra [this message]
2021-01-25 12:07                 ` Xu, Like
2021-01-25 12:18                   ` Peter Zijlstra
2021-01-25 12:53                     ` Xu, Like
     [not found] <EEC2A80E7137D84ABF791B01D40FA9A601EC200E@DGGEMM506-MBX.china.huawei.com>
2021-01-25  2:41 ` Like Xu
2021-01-25 14:47   ` Liuxiangdong (Aven, Cloud Infrastructure Service Product Dept.)
2021-01-26  7:08     ` Xu, Like
2021-01-29  2:52       ` Liuxiangdong (Aven, Cloud Infrastructure Service Product Dept.)
2021-02-01  8:43         ` Xu, Like

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YA6nxuM5Stlolk5x@hirez.programming.kicks-ass.net \
    --to=peterz@infradead.org \
    --cc=andi@firstfloor.org \
    --cc=eranian@google.com \
    --cc=jmattson@google.com \
    --cc=joro@8bytes.org \
    --cc=kan.liang@linux.intel.com \
    --cc=kvm@vger.kernel.org \
    --cc=like.xu@intel.com \
    --cc=like.xu@linux.intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luwei.kang@intel.com \
    --cc=mingo@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=seanjc@google.com \
    --cc=tglx@linutronix.de \
    --cc=vkuznets@redhat.com \
    --cc=wanpengli@tencent.com \
    --cc=wei.w.wang@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).