From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C4AAEC4167D for ; Mon, 7 Feb 2022 11:39:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1380712AbiBGLaK (ORCPT ); Mon, 7 Feb 2022 06:30:10 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35528 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1383831AbiBGLXl (ORCPT ); Mon, 7 Feb 2022 06:23:41 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E8B3EC0401C2; Mon, 7 Feb 2022 03:23:37 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id A51C6B81028; Mon, 7 Feb 2022 11:23:36 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E66E3C004E1; Mon, 7 Feb 2022 11:23:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1644233015; bh=RvuDaYRuaj5nY8GNjEn5EiyUfTzSdHrWzSwRtuJGEV4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=pNN8ucsfppJtqn2M1eMfoPzLWNTyIZJrPSRRgpa9NIKvmI9hcBrG+jfXxeDweMYZo bJIZHm+HWbDit/L5884mj57d9Bc0QWDj9THKszYzs3im4F4nqNlXfGpwwgV3ye29EY fB5J0YwuLdLJpfmpZQJ8BOuvtyc1x1RO1NEZjij0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Kyle Huey , Andrew Cooper , "Peter Zijlstra (Intel)" , stable@kernel.org Subject: [PATCH 5.10 64/74] x86/perf: Default set FREEZE_ON_SMI for all Date: Mon, 7 Feb 2022 12:07:02 +0100 Message-Id: <20220207103759.331714765@linuxfoundation.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220207103757.232676988@linuxfoundation.org> References: <20220207103757.232676988@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Peter Zijlstra commit a01994f5e5c79d3a35e5e8cf4252c7f2147323c3 upstream. Kyle reported that rr[0] has started to malfunction on Comet Lake and later CPUs due to EFI starting to make use of CPL3 [1] and the PMU event filtering not distinguishing between regular CPL3 and SMM CPL3. Since this is a privilege violation, default disable SMM visibility where possible. Administrators wanting to observe SMM cycles can easily change this using the sysfs attribute while regular users don't have access to this file. [0] https://rr-project.org/ [1] See the Intel white paper "Trustworthy SMM on the Intel vPro Platform" at https://bugzilla.kernel.org/attachment.cgi?id=300300, particularly the end of page 5. Reported-by: Kyle Huey Suggested-by: Andrew Cooper Signed-off-by: Peter Zijlstra (Intel) Cc: stable@kernel.org Link: https://lkml.kernel.org/r/YfKChjX61OW4CkYm@hirez.programming.kicks-ass.net Signed-off-by: Greg Kroah-Hartman --- arch/x86/events/intel/core.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) --- a/arch/x86/events/intel/core.c +++ b/arch/x86/events/intel/core.c @@ -4353,6 +4353,19 @@ static __initconst const struct x86_pmu .lbr_read = intel_pmu_lbr_read_64, .lbr_save = intel_pmu_lbr_save, .lbr_restore = intel_pmu_lbr_restore, + + /* + * SMM has access to all 4 rings and while traditionally SMM code only + * ran in CPL0, 2021-era firmware is starting to make use of CPL3 in SMM. + * + * Since the EVENTSEL.{USR,OS} CPL filtering makes no distinction + * between SMM or not, this results in what should be pure userspace + * counters including SMM data. + * + * This is a clear privilege issue, therefore globally disable + * counting SMM by default. + */ + .attr_freeze_on_smi = 1, }; static __init void intel_clovertown_quirk(void)