From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751605AbbH1Fam (ORCPT ); Fri, 28 Aug 2015 01:30:42 -0400 Received: from mail-wi0-f182.google.com ([209.85.212.182]:36026 "EHLO mail-wi0-f182.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751005AbbH1Fal (ORCPT ); Fri, 28 Aug 2015 01:30:41 -0400 Date: Fri, 28 Aug 2015 07:30:37 +0200 From: Ingo Molnar To: Alexander Shishkin Cc: Peter Zijlstra , Ingo Molnar , linux-kernel@vger.kernel.org, Arnaldo Carvalho de Melo Subject: Re: [PATCH 1/2] perf/x86/intel/ds: Work around BTS leaking kernel addresses Message-ID: <20150828053037.GB26741@gmail.com> References: <1440688422-27954-1-git-send-email-alexander.shishkin@linux.intel.com> <1440688422-27954-2-git-send-email-alexander.shishkin@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1440688422-27954-2-git-send-email-alexander.shishkin@linux.intel.com> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * Alexander Shishkin wrote: > + for (at = base; at < top; at++) { > + /* > + * Note that right now *this* BTS code only works if > + * attr::exclude_kernel is set, but let's keep this extra > + * check here in case that changes. > + */ > + if (event->attr.exclude_kernel && > + (at->from >= PAGE_OFFSET || at->to >= PAGE_OFFSET)) > + skip++; Yeah, so that only works on 32-bit kernels, on 64-bit kernels the check for kernel addresses is to see whether it's a negative address. PAGE_OFFSET points to above any hypervisor's address, so even with your fix we could still leak hypervisor addresses. I.e. use the kernel_ip() primitive instead. Thanks, Ingo