Re: [PATCH 0/4] MSR: MSR: MSR Whitelist and Batch Introduction

From: George Spelvin
Date: Mon Feb 29 2016 - 12:53:24 EST

Borislav Petkov <bp@xxxxxxxxx> wrote:
> What should be done, instead, is implement all functionality you need in
> the respective drivers with proper error and input sanity-checking done
> by the OS. Also, OS has other agents poking at them so it should be the
> arbiter controlling access and so on.

I worry that this is this too ambitious a goal. Who is volunteering
to actually do this?

It takes quite a while to find a good OS-level abstraction (remember
wakelocks?), and MSRs are the CPU architect's equivalent of ioctls.
So they're a bit of a mess, and there will keep being new ones.

I agree with you about anything that's going to see widespread use, but
for specialized (apparently mostly HPC) use where the application really
is heavily optimized for specific CPU models, perhaps dangerous-but-simple
is good enough?

The proposed interface is simple and imposes very little maintenance
burden on the kernel. My main objection is that it's yet another
special-case permission system. Are we *sure* we'll never want to have
to classes of users with different access rights?