| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jun 2024 13:18:28 -0700 From: Jacob Pan <jacob.jun.pan@...ux.intel.com> To: X86 Kernel <x86@...nel.org>, Sean Christopherson <seanjc@...gle.com>, LKML <linux-kernel@...r.kernel.org>, Thomas Gleixner <tglx@...utronix.de>, Dave Hansen <dave.hansen@...el.com>, "H. Peter Anvin" <hpa@...or.com>, "Ingo Molnar" <mingo@...hat.com>, "Borislav Petkov" <bp@...en8.de>, "Xin Li" <xin3.li@...el.com>, linux-perf-users@...r.kernel.org, Peter Zijlstra <peterz@...radead.org> Cc: Paolo Bonzini <pbonzini@...hat.com>, Tony Luck <tony.luck@...el.com>, Andy Lutomirski <luto@...nel.org>, acme@...nel.org, kan.liang@...ux.intel.com, Andi Kleen <andi.kleen@...el.com>, "Mehta, Sohil" <sohil.mehta@...el.com>, Jacob Pan <jacob.jun.pan@...ux.intel.com> Subject: [PATCH v3 00/11] Add support for NMI source reporting Hi Thomas and all, Non-Maskable Interrupts (NMIs) are routed to the local Advanced Programmable Interrupt Controller (APIC) using vector #2. Before the advent of the Flexible Return and Event Delivery (FRED)[1], the vector information set by the NMI initiator was disregarded or lost within the hardware, compelling system software to poll every registered NMI handler to pinpoint the source of the NMI[2]. This approach led to several issues: 1. Inefficiency due to the CPU's time spent polling all handlers. 2. Increased latency from the additional time taken to poll all handlers. 3. The occurrence of unnecessary NMIs if they are triggered shortly after being processed by a different source. To tackle these challenges, Intel introduced NMI source reporting as a part of the FRED specification (detailed in Chapter 9). This CPU feature ensures that while all NMI sources are still aggregated into NMI vector (#2) for delivery, the source of the NMI is now conveyed through FRED event data (a 16-bit bitmap on the stack). This allows for the selective dispatch of the NMI source handler based on the bitmap, eliminating the need to invoke all NMI source handlers indiscriminately. In line with the hardware architecture, various interrupt sources can generate NMIs by encoding an NMI delivery mode. However, this patchset activates only the local NMI sources that are currently utilized by the Linux kernel, which includes: 1. Performance monitoring. 2. Inter-Processor Interrupts (IPIs) for functions like CPU backtrace, machine check, Kernel GNU Debugger (KGDB), reboot, panic stop, and self-test. Other NMI sources will continue to be handled as previously when the NMI source is not utilized or remains unidentified. Next steps: 1. KVM support 2. Optimization to reuse IDT NMI vector 2 as NMI source for "known" source. Link:https://lore.kernel.org/lkml/746fecd5-4c79-42f9-919e-912ec415e73f@zytor.com/ [1] https://www.intel.com/content/www/us/en/content-details/779982/flexible-return-and-event-delivery-fred-specification.html [2] https://lore.kernel.org/lkml/171011362209.2468526.15187874627966416701.tglx@xen13/ Thanks, Jacob --- V3: - Added KVM VMX patches to handle NMI exits (Sean) - Clean up in KVM for code reuse in PV IPI (patch 10 and 11) - Misc fixes based on reviews from HPA, Li Xin, and Sohil Change logs are in individual patches. Jacob Pan (9): x86/irq: Add enumeration of NMI source reporting CPU feature x86/irq: Define NMI source vectors x86/irq: Extend NMI handler registration interface to include source x86/irq: Factor out common NMI handling code x86/irq: Process nmi sources in NMI handler perf/x86: Enable NMI source reporting for perfmon x86/irq: Enable NMI source on IPIs delivered as NMI x86/irq: Move __prepare_ICR to x86 common header KVM: X86: Use common code for PV IPIs in linux guest Zeng Guang (2): KVM: VMX: Expand FRED kvm entry with event data KVM: VMX: Handle NMI Source report in VM exit arch/x86/entry/entry_64_fred.S | 2 +- arch/x86/events/amd/ibs.c | 2 +- arch/x86/events/core.c | 9 ++- arch/x86/events/intel/core.c | 6 +- arch/x86/include/asm/apic.h | 22 ++++++ arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/fred.h | 8 +- arch/x86/include/asm/irq_vectors.h | 38 ++++++++++ arch/x86/include/asm/nmi.h | 4 +- arch/x86/kernel/apic/hw_nmi.c | 5 +- arch/x86/kernel/apic/ipi.c | 4 +- arch/x86/kernel/apic/local.h | 16 ---- arch/x86/kernel/cpu/mce/inject.c | 4 +- arch/x86/kernel/cpu/mshyperv.c | 2 +- arch/x86/kernel/kgdb.c | 6 +- arch/x86/kernel/kvm.c | 10 +-- arch/x86/kernel/nmi.c | 117 ++++++++++++++++++++++++++--- arch/x86/kernel/nmi_selftest.c | 7 +- arch/x86/kernel/reboot.c | 4 +- arch/x86/kernel/smp.c | 4 +- arch/x86/kernel/traps.c | 4 +- arch/x86/kvm/vmx/vmx.c | 13 +++- arch/x86/platform/uv/uv_nmi.c | 4 +- drivers/acpi/apei/ghes.c | 2 +- drivers/char/ipmi/ipmi_watchdog.c | 2 +- drivers/edac/igen6_edac.c | 2 +- drivers/watchdog/hpwdt.c | 6 +- 27 files changed, 224 insertions(+), 80 deletions(-) -- 2.25.1
Powered by blists - more mailing lists