On Fri, Jun 12, 2020 at 09:57:09AM -0700, Sean Christopherson wrote:
> DS_AREA takes a virtual (linear) address, i.e. the address can be legal from
> the CPUs perspective but still lead to a #PF due to the address not being
> mapped in the page tables.
It's not that - peterz and tglx - and I assume you meant that too - you
all want to taint on the very *attempt* to WRMSR, regardless of whether
the MSR exists or not.
I don't necessarily agree with that because I don't think we should
taint when the MSR doesn't exist but if you all want it, sure, whatever.
I don't care that deeply.
> So users don't have to unload and reload the module just to enable or
> disable writes. I don't think it changes the protections in any way, a
> priveleged user still needs to explicitly toggle the control.
There's /sys/module/msr/parameters/. A privileged user can do whatever.
A non-privileged should not disable that.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
