From: Zhao Liu <zhao1.liu@intel.com>
To: Markus Armbruster <armbru@redhat.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Eric Blake" <eblake@redhat.com>,
"Michael Roth" <michael.roth@amd.com>,
"Daniel P . Berrangé" <berrange@redhat.com>,
"Eduardo Habkost" <eduardo@habkost.net>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
"Shaoqin Huang" <shahuang@redhat.com>,
"Eric Auger" <eauger@redhat.com>,
"Peter Maydell" <peter.maydell@linaro.org>,
"Laurent Vivier" <lvivier@redhat.com>,
"Thomas Huth" <thuth@redhat.com>,
"Sebastian Ott" <sebott@redhat.com>,
"Gavin Shan" <gshan@redhat.com>,
qemu-devel@nongnu.org, kvm@vger.kernel.org, qemu-arm@nongnu.org,
"Dapeng Mi" <dapeng1.mi@intel.com>, "Yi Lai" <yi1.lai@intel.com>
Subject: Re: [PATCH 1/5] qapi/qom: Introduce kvm-pmu-filter object
Date: Fri, 11 Apr 2025 14:34:34 +0800 [thread overview]
Message-ID: <Z/i3+l3uQ3dTjnHT@intel.com> (raw)
In-Reply-To: <87frifxqgk.fsf@pond.sub.org>
On Fri, Apr 11, 2025 at 06:38:35AM +0200, Markus Armbruster wrote:
> Date: Fri, 11 Apr 2025 06:38:35 +0200
> From: Markus Armbruster <armbru@redhat.com>
> Subject: Re: [PATCH 1/5] qapi/qom: Introduce kvm-pmu-filter object
>
> Zhao Liu <zhao1.liu@intel.com> writes:
>
> > Hi Markus
> >
> > On Thu, Apr 10, 2025 at 04:21:01PM +0200, Markus Armbruster wrote:
> >> Date: Thu, 10 Apr 2025 16:21:01 +0200
> >> From: Markus Armbruster <armbru@redhat.com>
> >> Subject: Re: [PATCH 1/5] qapi/qom: Introduce kvm-pmu-filter object
> >>
> >> Zhao Liu <zhao1.liu@intel.com> writes:
> >>
> >> > Introduce the kvm-pmu-filter object and support the PMU event with raw
> >> > format.
> >>
> >> Remind me, what does the kvm-pmu-filter object do, and why would we
> >> want to use it?
> >
> > KVM PMU filter allows user space to set PMU event whitelist / blacklist
> > for Guest. Both ARM and x86's KVMs accept a list of PMU events, and x86
> > also accpets other formats & fixed counter field.
>
> But what does the system *do* with these event lists?
This is for security purposes, and can restrict Guest users from
accessing certain sensitive hardware information on the Host via perf or
PMU counter.
When a PMU event is blocked by KVM, Guest users can't get the
corresponding event count via perf/PMU counter.
EMM, if ‘system’ refers to the QEMU part, then QEMU is responsible
for checking the format and passing the list to KVM.
Thanks,
Zhao
next prev parent reply other threads:[~2025-04-11 6:15 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-09 8:26 [PATCH 0/5] accel/kvm: Support KVM PMU filter Zhao Liu
2025-04-09 8:26 ` [PATCH 1/5] qapi/qom: Introduce kvm-pmu-filter object Zhao Liu
2025-04-10 14:21 ` Markus Armbruster
2025-04-11 4:03 ` Zhao Liu
2025-04-11 4:38 ` Markus Armbruster
2025-04-11 6:34 ` Zhao Liu [this message]
2025-04-16 8:17 ` Markus Armbruster
2025-04-24 6:33 ` Zhao Liu
2025-04-25 10:35 ` Philippe Mathieu-Daudé
2025-04-27 7:26 ` Zhao Liu
2025-04-24 12:18 ` Markus Armbruster
2025-04-24 15:34 ` Zhao Liu
2025-04-25 9:19 ` Markus Armbruster
2025-04-09 8:26 ` [PATCH 2/5] i386/kvm: Support basic KVM PMU filter Zhao Liu
2025-04-25 9:19 ` Markus Armbruster
2025-04-27 8:34 ` Zhao Liu
2025-04-28 6:12 ` Markus Armbruster
2025-04-28 14:12 ` Zhao Liu
2025-04-09 8:26 ` [PATCH 3/5] i386/kvm: Support event with select & umask format in " Zhao Liu
2025-04-25 9:33 ` Markus Armbruster
2025-04-27 6:49 ` Zhao Liu
2025-04-28 7:19 ` Markus Armbruster
2025-04-28 14:42 ` Zhao Liu
2025-04-28 16:24 ` Markus Armbruster
2025-04-29 6:24 ` Zhao Liu
2025-04-09 8:26 ` [PATCH 4/5] i386/kvm: Support event with masked entry " Zhao Liu
2025-04-25 9:37 ` Markus Armbruster
2025-04-09 8:26 ` [PATCH 5/5] i386/kvm: Support fixed counter " Zhao Liu
2025-04-24 8:17 ` Mi, Dapeng
2025-04-24 15:35 ` Zhao Liu
2025-04-25 10:32 ` Philippe Mathieu-Daudé
2025-04-27 7:35 ` Zhao Liu
2025-04-15 7:49 ` [PATCH 0/5] accel/kvm: Support " Shaoqin Huang
2025-04-15 9:59 ` Zhao Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z/i3+l3uQ3dTjnHT@intel.com \
--to=zhao1.liu@intel.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=dapeng1.mi@intel.com \
--cc=eauger@redhat.com \
--cc=eblake@redhat.com \
--cc=eduardo@habkost.net \
--cc=gshan@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=lvivier@redhat.com \
--cc=michael.roth@amd.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=sebott@redhat.com \
--cc=shahuang@redhat.com \
--cc=thuth@redhat.com \
--cc=yi1.lai@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).