Re: [PATCH 1/4] perf/core: Add support to exclude kernel mode instruction tracing

On Sat, Jan 30, 2021 at 12:35:10AM +0530, Sai Prakash Ranjan wrote:

Here the idea is to protect such important information from all users including root users since root privileges does not have to mean full control over the kernel [1] and root compromise does not have to be the end of the world.

And yet, your thing lacks:

+config EXCLUDE_KERNEL_HW_ITRACE

• bool "Exclude kernel mode hardware assisted instruction tracing"
• depends on PERF_EVENTS

depends on SECURITY_LOCKDOWN

or whatever the appropriate symbol is.

• help

•  Exclude kernel mode instruction tracing by hardware tracing
  

•  family such as ARM Coresight ETM, Intel PT and so on.
  

•  This option allows to disable kernel mode instruction tracing
  

•  offered by hardware assisted tracing for all users(including root)
  

•  especially for production systems where only userspace tracing might
  

•  be preferred for security reasons.
  

Also, colour me unconvinced, pretty much all kernel level PMU usage can be employed to side-channel / infer crypto keys, why focus on ITRACE over others?