RE: [PATCH 0/4] MSR: MSR: MSR Whitelist and Batch Introduction

From: Thomas Gleixner
Date: Tue Mar 01 2016 - 03:04:59 EST

Next message: Paul Kocialkowski: "Re: [PATCH v4 1/5] ARM: dts: LG Optimus Black codename sniper basic support"
Previous message: Minfei Huang: "[PATCH V2 2/2] kexec: Do a cleanup for function kexec_load"
Next in thread: Rountree, Barry L.: "Re: [PATCH 0/4] MSR: MSR: MSR Whitelist and Batch Introduction"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 29 Feb 2016, Mcfadden, Marty Jay wrote:
> This is precisely why the whitelist approach is being proposed. The current
> version of msr.ko will gladly allow userspace tools with capabilities set to
> scribble all over them. With whitelists, system admins can turn off
> capabilities for the apps and limit access to a very small subset of bits of
> a small subset of MSRs.

We don't need any of this, really.

Developers who play with experimental or emerging technologies hardly need
that whitelist stuff. They better know what they are doing.

For normal production use we want proper interfaces/drivers for the
technologies which should be made accessible to applications. msr.ko should
not be available on any production machine at all.

Your whitelist filter is just a sloppy hack to foster bad practices. Your
arguments about emerging technologies etc. are just trying to lull us into
accepting your wonderful hackery, so that you can continue to use MSRs in
production environments while pretending that you provide a reasonable amount
of security and sanity around it. Nice try, but it doesn't work...

Thanks,

tglx

Next message: Paul Kocialkowski: "Re: [PATCH v4 1/5] ARM: dts: LG Optimus Black codename sniper basic support"
Previous message: Minfei Huang: "[PATCH V2 2/2] kexec: Do a cleanup for function kexec_load"
Next in thread: Rountree, Barry L.: "Re: [PATCH 0/4] MSR: MSR: MSR Whitelist and Batch Introduction"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]