Date:	Thu, 23 Jul 2015 12:09:01 -0600
From:	Toshi Kani <toshi.kani@...com>
To:	Dan Williams <dan.j.williams@...el.com>
Cc:	"H. Peter Anvin" <hpa@...or.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, X86 ML <x86@...nel.org>,
	Borislav Petkov <bp@...en8.de>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-nvdimm@...ts.01.org" <linux-nvdimm@...ts.01.org>
Subject: Re: [PATCH] x86/panic/reboot: Flush processor caches during
 panic/reboot

On Thu, 2015-07-23 at 10:40 -0700, Dan Williams wrote:
> On Thu, Jul 23, 2015 at 10:33 AM, Toshi Kani <toshi.kani@...com> wrote:
> > During power failure, Asynchronous DRAM Refresh (ADR) flushes
> > the write buffer in memory controllers into NVDIMM, but does not
> > flush processor caches.  While the kernel and application code
> > need to take care of processor cache flush, they may not be able
> > to do so during panic or reboot.
> > 
> > Add processor cache flush (wbinvd) to the stop-CPUs interfaces,
> > native_stop_other_cpus() and nmi_shootdown_cpus(), which are
> > called during panic and reboot as follows.  These wbinvd()s are
> > called on each CPU after its irq/APIC is disabled.
> > 
> >   - panic()
> >     + smp_send_stop()
> >        o native_stop_other_cpus()
> >           o stop_this_cpu()
> > 
> >   - native_machine_restart()
> >   - native_machine_halt()
> >   - native_machine_power_off()
> >      + native_machine_shutdown()
> >         + stop_other_cpus()
> >            o native_stop_other_cpus()
> >               o stop_this_cpu()
> > 
> >   - native_machine_crash_shutdown()
> >      + kdump_nmi_shootdown_cpus()
> >         o nmi_shootdown_cpus()
> >            o crash_nmi_callback()
> > 
> > Note, the cpu offline path, mwait_play_dead(), already calls
> > wbinvd().
> > 
> 
> If the application is already prepared for surprise power loss what
> additional benefit is there to flushing caches on panic?  In other
> words, if the application needs this for correctness then it is broken
> with respect to surprise power loss, otherwise these flushes are not
> necessary.

I agree that well-written applications should withstand with their own
journaling mechanisms when they access NVDIMM directly.  But not all
applications are well-written or perfect in this regard.  msync does not
flush processor caches at this point, either.  So, we want to save all
updates to NVDIMM as much as possible to minimize inconsistency.

Thanks,
-Toshi