On 06/06/2019 05:35 AM, Eric Hankland wrote:
Right - I'm aware there are other ways of detecting this - it's still
a class of events that some people don't want to surface. I'll ask if
there are any better examples.
I asked and it sounds like we are treating all events as potentially
insecure until they've been reviewed. If Intel were to publish
official (reasonably substantiated) guidance stating that the PMU is
secure, then I think we'd be happy without such a safeguard in place,
but short of that I think we want to err on the side of caution.
I'm not aware of any vendors who'd published statements like that.
Anyway, are you ready to share your QEMU patches or the events you want
to be on the whitelists?
Best,
Wei