lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a2cb4e93-95c0-4a9f-db4d-69d6748c292e@linux.intel.com>
Date:   Mon, 11 Jun 2018 09:08:28 +0100
From:   Tvrtko Ursulin <tvrtko.ursulin@...ux.intel.com>
To:     Andi Kleen <ak@...ux.intel.com>,
        Alexey Budankov <alexey.budankov@...ux.intel.com>
Cc:     Peter Zijlstra <peterz@...radead.org>,
        Tvrtko Ursulin <tursulin@...ulin.net>,
        linux-kernel@...r.kernel.org,
        Tvrtko Ursulin <tvrtko.ursulin@...el.com>,
        Ingo Molnar <mingo@...hat.com>,
        Arnaldo Carvalho de Melo <acme@...nel.org>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Jiri Olsa <jolsa@...hat.com>,
        Namhyung Kim <namhyung@...nel.org>,
        Mark Rutland <mark.rutland@....com>,
        "Rogozhkin, Dmitry V" <dmitry.v.rogozhkin@...el.com>
Subject: Re: [RFC] perf: Allow fine-grained PMU access control


Hi,

On 22/05/2018 18:19, Andi Kleen wrote:
>> IMHO, it is unsafe for CBOX pmu but could IMC, UPI pmus be an exception here?
>> Because currently perf stat -I from IMC, UPI counters is only allowed when
>> system wide monitoring is permitted and this prevents joint perf record and
>> perf stat -I in cluster environments where users usually lack ability to
>> modify paranoid. Adding Andi who may have more ideas regarding all that.
> 
> PMU isolation is about not making side channels worse. There are normally
> already side channels from timing, but it has a degree of noise.
> 
> PMU isolation is just to prevent opening side channels with less noise.
> But reducing noise is always a trade off, it can never be perfect
> and at some point there are dimishing returns.
> 
> In general the farther you are from the origin of the noise there
> is already more noise. The PMU can reduce the noise, but if it's far
> enough away it may not make much difference.
> 
> So there are always trade offs with shades of grey, not a black
> and white situation. Depending on your security requirements
> it may be totally reasonable e.g. to allow the PMU
> on the memory controller (which is already very noisy in any case),
> but not on the caches.
> 
> Or allow it only on the graphics which is already fairly isolated.
> 
> So per pmu paranoid settings are a useful concept.

So it seems there is some positive feedback and fine-grained controls 
would be useful for other PMU's in cluster environments.

If we have agreement on that, question is how to drive this forward? 
Would someone be able to review the patch I've sent, or suggest more 
people to look at it before it could be queued up for merge?

Regards,

Tvrtko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ