lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <04EAB7311EE43145B2D3536183D1A84454C8463B@GSjpTKYDCembx31.service.hitachi.net>
Date:	Tue, 19 Jul 2016 11:23:52 +0000
From:	河合英宏 / KAWAI,HIDEHIRO 
	<hidehiro.kawai.ez@...achi.com>
To:	"'Dave Young'" <dyoung@...hat.com>
CC:	Michal Hocko <mhocko@...e.com>, Toshi Kani <toshi.kani@....com>,
	"Peter Zijlstra (Intel)" <peterz@...radead.org>,
	Vitaly Kuznetsov <vkuznets@...hat.com>,
	Minfei Huang <mnfhuang@...il.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	Daniel Walker <dwalker@...o99.com>,
	Ingo Molnar <mingo@...nel.org>,
	Takao Indoh <indou.takao@...fujitsu.com>,
	Baoquan He <bhe@...hat.com>, "x86@...nel.org" <x86@...nel.org>,
	"Lee, Chun-Yi" <joeyli.kernel@...il.com>,
	Borislav Petkov <bp@...e.de>, Vivek Goyal <vgoyal@...hat.com>,
	Masami Hiramatsu <mhiramat@...nel.org>,
	Petr Mladek <pmladek@...e.com>,
	Josh Poimboeuf <jpoimboe@...hat.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"kexec@...ts.infradead.org" <kexec@...ts.infradead.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"HATAYAMA Daisuke" <d.hatayama@...fujitsu.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Tejun Heo <tj@...nel.org>,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: RE: Re: [V3 PATCH 1/2] x86/panic: Replace smp_send_stop() with
 kdump friendly version

> From: 'Dave Young' [mailto:dyoung@...hat.com]
> Sent: Tuesday, July 19, 2016 3:52 PM
> Hi,
> On 07/19/16 at 05:51am, 河合英宏 / KAWAI,HIDEHIRO wrote:
> > Hi,
> >
> > > From: 'Dave Young' [mailto:dyoung@...hat.com]
> > > Sent: Monday, July 18, 2016 6:02 PM
> > > On 07/15/16 at 11:50am, 河合英宏 / KAWAI,HIDEHIRO wrote:
> > > > Hi Dave,
> > > >
> > > > Thanks for your reply.
> > > >
> > > > > From: 'Dave Young' [mailto:dyoung@...hat.com]
> > > > > Sent: Wednesday, July 13, 2016 11:04 AM
> > > > >
> > > > > On 07/12/16 at 02:49am, 河合英宏 / KAWAI,HIDEHIRO wrote:
> > > > > > Hi Dave,
> > > > > >
> > > > > > Thanks for the comments.
> > > > > >
> > > > > > > From: Dave Young [mailto:dyoung@...hat.com]
> > > > > > > Sent: Monday, July 11, 2016 5:35 PM
> > > > > > >
> > > > > > > On 07/05/16 at 08:33pm, Hidehiro Kawai wrote:
> > [snip]
> > > > > > > As for this patch I'm not sure it is safe to replace the
> > > > > > > smp_send_stop with the kdump friendly function. I'm also not sure if
> > > > > > > the kdump friendly function is safe for kdump. Will glad to hear
> > > > > > > opinions from other arch experts.
> > > > > >
> > > > > > This stuff depends on architectures, so I speak only about
> > > > > > x86 (the logic doesn't change on other architectures at this time).
> > > > > >
> > > > > > kdump path with crash_kexec_post_notifiers disabled:
> > > > > >  panic()
> > > > > >    __crash_kexec()
> > > > > >      crash_setup_regs()
> > > > > >      crash_save_vmcoreinfo()
> > > > > >      machine_crash_shutdown()
> > > > > >        native_machine_crash_shutdown()
> > > > > >          panic_smp_send_stop() /* mostly same as original
> > > > > >                                 * kdump_nmi_shootdown_cpus()
> > > > > >                                 */
> > > > > >
> > > > > > kdump path with crash_kexec_post_notifiers enabled:
> > > > > >  panic()
> > > > > >    panic_smp_send_stop()
> > > > > >    __crash_kexec()
> > > > > >      crash_setup_regs()
> > > > > >      crash_save_vmcoreinfo()
> > > > > >      machine_crash_shutdown()
> > > > > >        native_machine_crash_shutdown()
> > > > > >          panic_smp_send_stop() // do nothing
> > > > > >
> > > > > > The difference is that stopping other CPUs before crash_setup_regs()
> > > > > > and crash_save_vmcoreinfo() or not.  Since crash_setup_regs() and
> > > > > > crash_save_vmcoreinfo() just save information to some memory area,
> > > > > > they wouldn't be affected by panic_smp_send_stop().  This means
> > > > > > placing panic_smp_send_stop before __crash_kexec is safe.
> > > > > >
> > > > > > BTW, I noticed my patch breaks Xen kernel.  I'll fix it in the next
> > > > > > version.
> > > > >
> > > > > But it does breaks stuff which depends on cpu not being disabled like problem 1 you mentioned in patch log.
> > > >
> > > > As I mentioned in the description of this patch, we should stop
> > > > other CPUs ASAP to preserve current state either
> > > > crash_kexec_post_notifiers is enabled or not.
> > > > Then, all remaining procedures should work well
> > > > after stopping other CPUs (but keep the CPU map online).
> > > >
> > > > Vivek also mentioned similar things:
> > > > https://lkml.org/lkml/2015/7/14/433
> > >
> > > The implementation in this patchset is different from suggestion in above link?
> > >
> > > I think Vivek's suggestion is a good idea, to drop smp_send_stop and do below:
> > >
> > > stop_cpus_save_register_state;
> > >
> > > if (!crash_kexec_post_notifiers)
> > > 	crash_kexec()
> > > atomic_notifier_call_chain()
> > > kmsg_dump()
> > >
> > > I'm just commenting from code flow point of view, the detail implementation
> > > definitely need more comments from Arch experts.
> > >
> > > Any reason did not move the kdump friendly function to earlier point like
> > > before previous __crash_kexec() below?
> > >         if (!crash_kexec_post_notifiers) {
> > >                 printk_nmi_flush_on_panic();
> > >                 __crash_kexec(NULL);
> > >         }
> >
> > The reason why the implementation differs from Vivek's is to keep
> > the current code flow if crash_kexec_post_notifiers is not specified.
> >
> > If we apply Vivek's or your suggestion, it may always cause kdump
> > to fail on MIPS OCTEON due to Problem 1.  I don't want to make things
> > any worse.  I may post a patch for MIPS OCTEON, but I can't test it.
> > For other architectures, I'm not sure what problems there are.
> > So at first, I want to fix the case where crash_kexec_post_notifiers is
> > specified on x86.  Then, if all other architectures support
> > `stop other CPUs before crash_kexec', switch to your or Vivek's
> > suggesting code.
> >
> > Is this acceptable?
> 
> Maybe you can find someone who can test MIPS OCTEON so that they can give
> some thoughts first and maybe test a fix?
> 
> [dyoung@...alhost linux]$ ./scripts/get_maintainer.pl -f arch/mips/cavium-octeon
> Ralf Baechle <ralf@...ux-mips.org> (supporter:MIPS,commit_signer:32/35=91%)
> David Daney <david.daney@...ium.com> (commit_signer:21/35=60%,authored:8/35=23%)
> Aaro Koskinen <aaro.koskinen@....fi> (commit_signer:15/35=43%,authored:8/35=23%)
> Janne Huttunen <janne.huttunen@...ia.com>
> (commit_signer:7/35=20%,authored:7/35=20%)
> Thomas Gleixner <tglx@...utronix.de> (commit_signer:4/35=11%,authored:2/35=6%)
> linux-mips@...ux-mips.org (open list:MIPS)
> linux-kernel@...r.kernel.org (open list)

So I'll try to fix for MIPS OCTEON, but I'm going to keep the current
behavior when crash_kexec_post_notifiers is not specified because
I'm not sure what will happen on other architectures.

Best regards,

Hidehiro Kawai
Hitachi, Ltd. Research & Development Group



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ