Re: [PATCH 1/4] perf/core: Add support to exclude kernel mode instruction tracing
From: Peter Zijlstra
Date: Mon Feb 01 2021 - 08:42:52 EST
On Mon, Feb 01, 2021 at 01:11:04PM +0530, Sai Prakash Ranjan wrote:
> Ok I suppose you mean CONFIG_SECURITY_LOCKDOWN_LSM? But I don't see
> how this new config has to depend on that? This can work independently
> whether complete lockdown is enforced or not since it applies to only
> hardware instruction tracing. Ideally this depends on several hardware
> tracing configs such as ETMs and others but we don't need them because
> we are already exposing PERF_PMU_CAP_ITRACE check in the events core.
If you don't have lockdown, root pretty much owns the kernel, or am I
missing something?
> be used for some speculative execution based attacks. Which other
> kernel level PMUs can be used to get a full branch trace that is not
> locked down? If there is one, then this should probably be applied to
> it as well.
Just the regular counters. The information isn't as accurate, but given
enough goes you can infer plenty.
Just like all the SMT size-channel attacks.
Sure, PT and friends make it even easier, but I don't see a fundamental
distinction.