Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp1570300pxb; Tue, 8 Feb 2022 22:38:10 -0800 (PST) X-Google-Smtp-Source: ABdhPJw08Fj62egdZ9VTD4tPHwuCHvrMVuCo9q3c7SULG1vaAAM7q2eC/7D2iWZbVK0MyH5ZyhQQ X-Received: by 2002:a50:fb07:: with SMTP id d7mr893799edq.442.1644388690612; Tue, 08 Feb 2022 22:38:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644388690; cv=none; d=google.com; s=arc-20160816; b=oRCc12pSKrq6MdrWH9FYQ2KnR5/2sipPgqbWmAV9ZvZZWvO8Wnv4WY2oIjw0skxJ1/ XTlID9CsZlMWBQ+TvOD3UB/YsrWa8BGzY8GoAfgiCU1MdszuHOsaq8PVYKbPrngybuT8 0vJFEtbPq91nKmoUH6rKRjNkJmu1wVa5YOL7wgbygfRm9Ht3oMT4Fs2YWKW5nxCE90RP rOl6abcyPlzfC3GDvBvo7s8i7gkgQJDnPSVR62mUHjfcECsSJb3uJeu2SmgTXCmIhWGO b9FRWtwwVW+ZilcMSbbbDLLi73VFp+vBJoya7YK14tnrLT3+p8mekdTlyN/dyBEHvPQg dZ/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ScEQnvgHKpLlJ/Hmf0G+g+LTVpwsfkCWwZsI5Hg0/6A=; b=NHs1NG2QnyMbxsQaAS/c5XrQ2lZuDXcibfS3KTDKIJCrXYKfG+nJezgAB6Vtl4FqCg 8hHRgobq7G/V8KA8oKWGV6iKe0lMTuHxKM+Oby6zuOUqy5vh9afYh9O/XrnQOnXLJIpF 4rqb9q16gxK2OPx179cjrgTjClrxgG4QsbxVBAekM59fm23P9F+7bAgdrHHAQvqPDQiv E2XoXG/BXi8ndFJ/aorrLX4VehXNUQCQZAqRwJYAyiEeDay4iCG4gPVaRt9YxqaAB8nN JCbeKx/U7wQZV1i81CYInQuynm7XEFVJcdZ4wxLquNwXk7ErftfYOOPb+NBM6KMtB/u9 DwxA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=pNN8ucsf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s9si7235477edw.462.2022.02.08.22.37.46; Tue, 08 Feb 2022 22:38:10 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=pNN8ucsf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1386315AbiBGLeX (ORCPT + 99 others); Mon, 7 Feb 2022 06:34:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35528 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1383831AbiBGLXl (ORCPT ); Mon, 7 Feb 2022 06:23:41 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E8B3EC0401C2; Mon, 7 Feb 2022 03:23:37 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id A51C6B81028; Mon, 7 Feb 2022 11:23:36 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E66E3C004E1; Mon, 7 Feb 2022 11:23:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1644233015; bh=RvuDaYRuaj5nY8GNjEn5EiyUfTzSdHrWzSwRtuJGEV4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=pNN8ucsfppJtqn2M1eMfoPzLWNTyIZJrPSRRgpa9NIKvmI9hcBrG+jfXxeDweMYZo bJIZHm+HWbDit/L5884mj57d9Bc0QWDj9THKszYzs3im4F4nqNlXfGpwwgV3ye29EY fB5J0YwuLdLJpfmpZQJ8BOuvtyc1x1RO1NEZjij0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Kyle Huey , Andrew Cooper , "Peter Zijlstra (Intel)" , stable@kernel.org Subject: [PATCH 5.10 64/74] x86/perf: Default set FREEZE_ON_SMI for all Date: Mon, 7 Feb 2022 12:07:02 +0100 Message-Id: <20220207103759.331714765@linuxfoundation.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220207103757.232676988@linuxfoundation.org> References: <20220207103757.232676988@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Peter Zijlstra commit a01994f5e5c79d3a35e5e8cf4252c7f2147323c3 upstream. Kyle reported that rr[0] has started to malfunction on Comet Lake and later CPUs due to EFI starting to make use of CPL3 [1] and the PMU event filtering not distinguishing between regular CPL3 and SMM CPL3. Since this is a privilege violation, default disable SMM visibility where possible. Administrators wanting to observe SMM cycles can easily change this using the sysfs attribute while regular users don't have access to this file. [0] https://rr-project.org/ [1] See the Intel white paper "Trustworthy SMM on the Intel vPro Platform" at https://bugzilla.kernel.org/attachment.cgi?id=300300, particularly the end of page 5. Reported-by: Kyle Huey Suggested-by: Andrew Cooper Signed-off-by: Peter Zijlstra (Intel) Cc: stable@kernel.org Link: https://lkml.kernel.org/r/YfKChjX61OW4CkYm@hirez.programming.kicks-ass.net Signed-off-by: Greg Kroah-Hartman --- arch/x86/events/intel/core.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) --- a/arch/x86/events/intel/core.c +++ b/arch/x86/events/intel/core.c @@ -4353,6 +4353,19 @@ static __initconst const struct x86_pmu .lbr_read = intel_pmu_lbr_read_64, .lbr_save = intel_pmu_lbr_save, .lbr_restore = intel_pmu_lbr_restore, + + /* + * SMM has access to all 4 rings and while traditionally SMM code only + * ran in CPL0, 2021-era firmware is starting to make use of CPL3 in SMM. + * + * Since the EVENTSEL.{USR,OS} CPL filtering makes no distinction + * between SMM or not, this results in what should be pure userspace + * counters including SMM data. + * + * This is a clear privilege issue, therefore globally disable + * counting SMM by default. + */ + .attr_freeze_on_smi = 1, }; static __init void intel_clovertown_quirk(void)