On Sun, 28 Jun, at 12:10:49PM, Henrique de Moraes Holschuh wrote: > On Sun, 28 Jun 2015, Prarit Bhargava wrote: > > Is it easier to blacklist MSRs we don't want generally exposed, or only > > expose > > the ones that we think are safe? That's sort of a devil's advocate sort of > > question ;) and I'm wondering what the shorter list is. > > The only way to make MSR access safe is to allow it only by whitelisting. > The x86 platform restricts all MSR access to ring 0 for a damn good reason.
Blacklisting also breaks horribly if you run old kernels on new hardware. We need to "fail-closed" if someone tries to access an MSR the kernel doesn't know about. -- Matt Fleming, Intel Open Source Technology Center -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/