Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp5499397pxb; Wed, 26 Jan 2022 13:29:34 -0800 (PST) X-Google-Smtp-Source: ABdhPJwuELGKEG2773u0MEBbJJZ/VCIcRNjSpcK7oFo/YutlfGsx2xSo/oRUL4lvaYS/cVXPiifm X-Received: by 2002:a17:90a:3e49:: with SMTP id t9mr824348pjm.163.1643232574673; Wed, 26 Jan 2022 13:29:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1643232574; cv=none; d=google.com; s=arc-20160816; b=TRI9t1v++ymmjgFB5CccWmju8jLc9+WOHHmDrwnb3clegwWAK50uWho2zV50pUL5e0 Mlxy7AspdLk1jzC8GvAltp0bJoaAlTWcNvblYSp8ZOKKKvq1LReoUG375JC567Vj2ZQV +UH2mnKmQApIymmAGfvYB0+JSpMUEtytsCZnpljTDsLaJBuJS/ozOoyUCqfOm3MpCE/U FH1FfHV20Km3XUJhpnLSR4kT0zo75diXFFm3Du7XsJq5aEdpM6oaSuUzYnt8IKxpfwtm XHXMsUyqJE5gVesamvW3XxRU819CO6dI8USG9Ep66hWEd34tG6z1GZ+asdm5w/VhsV2Z IEmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=LDOLYM2UfrQAiWJ+eM2UXKMwCeFJxxfa8YNvPPKmDCc=; b=LY7g7z2zdwuS/N7iCeEz03kBNOGawgw/UMdp47gokCNUt7KDkM5fix2rHzOct8MXEX 2ARlT86LogHj9jyWcBerf9ZXd5cWUCNTYqUB/mkFrwpas8Z8AlQB3R8RWzhiRvK3OhVE HmCvtm9XXlngK9hq8ZDHBk7AFPG6nDGzFb1nNxbmAJR/vRG88FwCyY1Tjsc08LU9UL9D 1HqJ0wp+fedys3/YNu1RqJg+cTt/5sgZL9gDgC8xjjlYhaFlybemIROX/tZoUEy3rTqV DXrlvH5Ap20NCgPV2s8UerV/yx8NGPAKHlei1Vx0XjM4qPMYtxP896Q7a7wLDZXS3MvE eb5Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=ELrBa3qC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ij1si276477plb.53.2022.01.26.13.29.22; Wed, 26 Jan 2022 13:29:34 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=ELrBa3qC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241917AbiAZOFF (ORCPT + 99 others); Wed, 26 Jan 2022 09:05:05 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53086 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235083AbiAZOFD (ORCPT ); Wed, 26 Jan 2022 09:05:03 -0500 Received: from desiato.infradead.org (desiato.infradead.org [IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 43AB9C06161C; Wed, 26 Jan 2022 06:05:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=LDOLYM2UfrQAiWJ+eM2UXKMwCeFJxxfa8YNvPPKmDCc=; b=ELrBa3qC7jTSTLpOImhQz3dzEz K5WpZ/YZNRUQTA5GRRhG6YiSdHMRVkodurb0Am0X6SmfvxxM4e30HzzO0Bq+Eya4Z4YKZsqyZnHRq WUbgL69McwYa9JEsI5oTYalj84FVvlFriG5wyGGcjvvUqF3QFnjgJERnCaHSyuuX1VWvdDmH9ubgF fJKVKswc9GsTI7CfyMfotquwNpIzpjlt+9i2tvGaowEnY0/GTHW4z87fV/3J6mP9njzNubFGlAfz7 fq2jpcbaKAgrY6uR1AMaqLdZfQnwioMKBvnr6oeatrRB6eM1WA2W2FyfS5VrAE1X84P7KWS611JLB HGQIVHaA==; Received: from j217100.upc-j.chello.nl ([24.132.217.100] helo=noisy.programming.kicks-ass.net) by desiato.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1nCiuj-003os7-UP; Wed, 26 Jan 2022 14:04:46 +0000 Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id 501733002C5; Wed, 26 Jan 2022 15:04:44 +0100 (CET) Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000) id E9FC72B36E787; Wed, 26 Jan 2022 15:04:43 +0100 (CET) Date: Wed, 26 Jan 2022 15:04:43 +0100 From: Peter Zijlstra To: "Liang, Kan" Cc: Kyle Huey , open list , linux-perf-users@vger.kernel.org, "H. Peter Anvin" , "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" , Dave Hansen , Borislav Petkov , Thomas Gleixner , Namhyung Kim , Jiri Olsa , Alexander Shishkin , Mark Rutland , Arnaldo Carvalho de Melo , Ingo Molnar , Robert O'Callahan , Keno Fischer , Andi Kleen Subject: Re: [PATCH] x86/perf: Default freeze_on_smi on for Comet Lake and later. Message-ID: References: <20220122072644.92292-1-khuey@kylehuey.com> <3c35dc76-c187-8d3f-7fc9-75de32e7cbf6@linux.intel.com> <7ef1bf66-4184-7f5b-c0bd-351ec743d4e9@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <7ef1bf66-4184-7f5b-c0bd-351ec743d4e9@linux.intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jan 25, 2022 at 08:57:09AM -0500, Liang, Kan wrote: > I see. I was thought the unprivileged user can observe the SMM code on the > previous platforms. The CML+ change only makes part of the SMM code CPL0. > Seems I'm wrong. The change looks like changing the previous CPL0 code to > CPL3 code. If so, yes, I think we should prevent the information leaks for > the unprivileged user. Right. > Changing it to all platforms seems a too big hammer. I agree we should limit > it to the impacted platforms. > > I've contacted the author of the white paper. I was told that the change is > for the client vPro platforms. They are not sure whether it impacts Server > platform or Atom platforms. I'm still working on it. I will let you and > Peter know once I get more information. For now I've updated the patch as per the below. I'm tempted to simply apply it as is and let it be. Having different defaults for vPro vs !vPro chips seems more confusing than not. We should also very much get this change reverted for future chips. --- a/arch/x86/events/intel/core.c +++ b/arch/x86/events/intel/core.c @@ -6094,6 +6094,16 @@ __init int intel_pmu_init(void) x86_pmu.commit_scheduling = intel_tfa_commit_scheduling; } + if (boot_cpu_data.x86_model == INTEL_FAM6_COMETLAKE_L || + boot_cpu_data.x86_model == INTEL_FAM6_COMETLAKE) { + /* + * For some idiotic reason SMM is visible to USR + * counters. Since this is a privilege issue, default + * disable counters in SMM for these chips. + */ + x86_pmu.attr_freeze_on_smi = 1; + } + pr_cont("Skylake events, "); name = "skylake"; break; @@ -6135,6 +6145,8 @@ __init int intel_pmu_init(void) x86_pmu.num_topdown_events = 4; x86_pmu.update_topdown_event = icl_update_topdown_event; x86_pmu.set_topdown_event_period = icl_set_topdown_event_period; + /* SMM visible in USR, see above */ + x86_pmu.attr_freeze_on_smi = 1; pr_cont("Icelake events, "); name = "icelake"; break; @@ -6172,6 +6184,8 @@ __init int intel_pmu_init(void) x86_pmu.num_topdown_events = 8; x86_pmu.update_topdown_event = icl_update_topdown_event; x86_pmu.set_topdown_event_period = icl_set_topdown_event_period; + /* SMM visible in USR, see above */ + x86_pmu.attr_freeze_on_smi = 1; pr_cont("Sapphire Rapids events, "); name = "sapphire_rapids"; break; @@ -6217,6 +6231,8 @@ __init int intel_pmu_init(void) * x86_pmu.rtm_abort_event. */ x86_pmu.rtm_abort_event = X86_CONFIG(.event=0xc9, .umask=0x04); + /* SMM visible in USR, see above */ + x86_pmu.attr_freeze_on_smi = 1; td_attr = adl_hybrid_events_attrs; mem_attr = adl_hybrid_mem_attrs;