On Fri, Jun 12, 2020 at 10:43:07AM -0700, Sean Christopherson wrote:
> The problem is a fault on WRMSR doesn't mean the MSR doesn't exist, it only
> means WRMSR faulted. WRMSR can for all intents and purpose trigger completely
> arbitrary microcode flows, e.g. WRMSR 0x79 can fundamentally change the
> behavior of the CPU.
Yes, that case is in the commit message.
> And it's not like the WRMSR->taint is atomic, e.g. changing a platform scoped
> MSR that affects voltage settings or something of that nature could easily
> tank the system on a successful WRMSR before the kernel can be marked tainted.
Yes, yes, I'll taint before the WRMSR.
> 0400 only allows a privelged user to read the parameter, e.g. for parameters
> that are snapshotted at module load time and/or changing the param while the
> module is running would cause breakage.
>
> 0600 allows a priveleged user to read and write the parameter, which AFAICT
> is safe here.
Ok, we can do that.
> 0644 allows a priveleged user to read and write the parameter, and allows an
> unpriveleged user to read the param.
Not so sure about that. Why would the unprivileged user need to read it?
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
