[PATCH 1/4] perf/core: Add support to exclude kernel mode instruction tracing

Peter Zijlstra peterz at infradead.org
Mon Feb 1 08:41:33 EST 2021


On Mon, Feb 01, 2021 at 01:11:04PM +0530, Sai Prakash Ranjan wrote:

> Ok I suppose you mean CONFIG_SECURITY_LOCKDOWN_LSM? But I don't see
> how this new config has to depend on that? This can work independently
> whether complete lockdown is enforced or not since it applies to only
> hardware instruction tracing. Ideally this depends on several hardware
> tracing configs such as ETMs and others but we don't need them because
> we are already exposing PERF_PMU_CAP_ITRACE check in the events core.

If you don't have lockdown, root pretty much owns the kernel, or am I
missing something?

> be used for some speculative execution based attacks. Which other
> kernel level PMUs can be used to get a full branch trace that is not
> locked down? If there is one, then this should probably be applied to
> it as well.

Just the regular counters. The information isn't as accurate, but given
enough goes you can infer plenty.

Just like all the SMT size-channel attacks.

Sure, PT and friends make it even easier, but I don't see a fundamental
distinction.



More information about the linux-arm-kernel mailing list