| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <04EAB7311EE43145B2D3536183D1A84454C83B25@GSjpTKYDCembx31.service.hitachi.net>
Date: Tue, 19 Jul 2016 05:51:18 +0000
From: 河合英宏 / KAWAI,HIDEHIRO
<hidehiro.kawai.ez@...achi.com>
To: "'Dave Young'" <dyoung@...hat.com>
CC: Michal Hocko <mhocko@...e.com>, Toshi Kani <toshi.kani@....com>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Minfei Huang <mnfhuang@...il.com>,
"H. Peter Anvin" <hpa@...or.com>,
Daniel Walker <dwalker@...o99.com>,
Ingo Molnar <mingo@...nel.org>,
Takao Indoh <indou.takao@...fujitsu.com>,
Baoquan He <bhe@...hat.com>, "x86@...nel.org" <x86@...nel.org>,
"Lee, Chun-Yi" <joeyli.kernel@...il.com>,
Borislav Petkov <bp@...e.de>, Vivek Goyal <vgoyal@...hat.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
Petr Mladek <pmladek@...e.com>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"kexec@...ts.infradead.org" <kexec@...ts.infradead.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"HATAYAMA Daisuke" <d.hatayama@...fujitsu.com>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
Tejun Heo <tj@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: RE: Re: [V3 PATCH 1/2] x86/panic: Replace smp_send_stop() with
kdump friendly version
Hi,
> From: 'Dave Young' [mailto:dyoung@...hat.com]
> Sent: Monday, July 18, 2016 6:02 PM
> On 07/15/16 at 11:50am, 河合英宏 / KAWAI,HIDEHIRO wrote:
> > Hi Dave,
> >
> > Thanks for your reply.
> >
> > > From: 'Dave Young' [mailto:dyoung@...hat.com]
> > > Sent: Wednesday, July 13, 2016 11:04 AM
> > >
> > > On 07/12/16 at 02:49am, 河合英宏 / KAWAI,HIDEHIRO wrote:
> > > > Hi Dave,
> > > >
> > > > Thanks for the comments.
> > > >
> > > > > From: Dave Young [mailto:dyoung@...hat.com]
> > > > > Sent: Monday, July 11, 2016 5:35 PM
> > > > >
> > > > > On 07/05/16 at 08:33pm, Hidehiro Kawai wrote:
[snip]
> > > > > As for this patch I'm not sure it is safe to replace the
> > > > > smp_send_stop with the kdump friendly function. I'm also not sure if
> > > > > the kdump friendly function is safe for kdump. Will glad to hear
> > > > > opinions from other arch experts.
> > > >
> > > > This stuff depends on architectures, so I speak only about
> > > > x86 (the logic doesn't change on other architectures at this time).
> > > >
> > > > kdump path with crash_kexec_post_notifiers disabled:
> > > > panic()
> > > > __crash_kexec()
> > > > crash_setup_regs()
> > > > crash_save_vmcoreinfo()
> > > > machine_crash_shutdown()
> > > > native_machine_crash_shutdown()
> > > > panic_smp_send_stop() /* mostly same as original
> > > > * kdump_nmi_shootdown_cpus()
> > > > */
> > > >
> > > > kdump path with crash_kexec_post_notifiers enabled:
> > > > panic()
> > > > panic_smp_send_stop()
> > > > __crash_kexec()
> > > > crash_setup_regs()
> > > > crash_save_vmcoreinfo()
> > > > machine_crash_shutdown()
> > > > native_machine_crash_shutdown()
> > > > panic_smp_send_stop() // do nothing
> > > >
> > > > The difference is that stopping other CPUs before crash_setup_regs()
> > > > and crash_save_vmcoreinfo() or not. Since crash_setup_regs() and
> > > > crash_save_vmcoreinfo() just save information to some memory area,
> > > > they wouldn't be affected by panic_smp_send_stop(). This means
> > > > placing panic_smp_send_stop before __crash_kexec is safe.
> > > >
> > > > BTW, I noticed my patch breaks Xen kernel. I'll fix it in the next
> > > > version.
> > >
> > > But it does breaks stuff which depends on cpu not being disabled like problem 1 you mentioned in patch log.
> >
> > As I mentioned in the description of this patch, we should stop
> > other CPUs ASAP to preserve current state either
> > crash_kexec_post_notifiers is enabled or not.
> > Then, all remaining procedures should work well
> > after stopping other CPUs (but keep the CPU map online).
> >
> > Vivek also mentioned similar things:
> > https://lkml.org/lkml/2015/7/14/433
>
> The implementation in this patchset is different from suggestion in above link?
>
> I think Vivek's suggestion is a good idea, to drop smp_send_stop and do below:
>
> stop_cpus_save_register_state;
>
> if (!crash_kexec_post_notifiers)
> crash_kexec()
> atomic_notifier_call_chain()
> kmsg_dump()
>
> I'm just commenting from code flow point of view, the detail implementation
> definitely need more comments from Arch experts.
>
> Any reason did not move the kdump friendly function to earlier point like
> before previous __crash_kexec() below?
> if (!crash_kexec_post_notifiers) {
> printk_nmi_flush_on_panic();
> __crash_kexec(NULL);
> }
The reason why the implementation differs from Vivek's is to keep
the current code flow if crash_kexec_post_notifiers is not specified.
If we apply Vivek's or your suggestion, it may always cause kdump
to fail on MIPS OCTEON due to Problem 1. I don't want to make things
any worse. I may post a patch for MIPS OCTEON, but I can't test it.
For other architectures, I'm not sure what problems there are.
So at first, I want to fix the case where crash_kexec_post_notifiers is
specified on x86. Then, if all other architectures support
`stop other CPUs before crash_kexec', switch to your or Vivek's
suggesting code.
Is this acceptable?
Best regards,
Hidehiro Kawai
Hitachi, Ltd. Research & Development Group
Powered by blists - more mailing lists