[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wg3qG_FzSwAnj8X22_aF6_Jm7wpjA4kXrCe8-C0vsUsLA@mail.gmail.com>
Date: Fri, 16 Jun 2023 09:22:22 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Alexander Potapenko <glider@...gle.com>
Cc: dave.hansen@...ux.intel.com, kirill.shutemov@...ux.intel.com,
linux-kernel@...r.kernel.org, peterz@...radead.org, x86@...nel.org
Subject: Re: [GIT PULL] x86/mm for 6.4
On Fri, 16 Jun 2023 at 01:47, Alexander Potapenko <glider@...gle.com> wrote:
>
> Shouldn't ex_handler_copy() be fixed in the same way?
I don't think ex_handler_copy() is actually reachable any more.
The only thing ex_handler_copy() did was to set %ax to the fault type.
It was used by the strange copy_user_generic_unrolled() that had
special machine check case for "don't do the tail if we get
X86_TRAP_MC".
But that was always bogus. The MC case in question was for the
__copy_user_nocache function, and the machine check case was for the
*destination*, which wasn't in user space at all.
So instead of looking at "what was the trap number", the code should
have just noticed "trapped on the destination", and stopped for *that*
reason.
See commit 034ff37d3407 ("x86: rewrite '__copy_user_nocache'
function") and in particular, see the comment there about writes on
the destination:
* An exception on a write means that we're
* done, but we need to update the count
* depending on where in the unrolled loop
* we were.
but yeah, I never removed the actual now unused _ASM_EXTABLE_CPY case.
Honestly, I had no way of even testing the code. I doubt anybody does.
There are a couple of users:
- rdma mis-uses it for regular kernel-to-kernel copies that don't
fault (because rdma wants the "nocache" case). So it can't fault at
all.
- a couple of GPU drivers mis-use it similarly to rdma, but at least
with a user source in the form of __copy_from_user_inatomic_nocache()
- _copy_from_iter_flushcache uses it for pmem and dax, because it
wants that machine check handling for non-volatile memory
So two of three users don't actually *have* the MC case at all on the
destination.
And the third case - the actual "copy using uncached accesses in order
to get errors on the destination" case - depends on hardware that I'm
not convinced really exists any more.
Oh, I think there's some odd ntb mis-use too.
I'd love for somebody to actually test the machine check case, but the
old code was completely insane with odd "we handle _one_ case of
4-byte alignment, but not actually the general case", so I wonder if
the MC case ever really worked in reality. And as mentioned, I am not
convinced the hardware is available.
Linus
Powered by blists - more mailing lists