| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250516165518.125495-1-18255117159@163.com> Date: Sat, 17 May 2025 00:55:14 +0800 From: Hans Zhang <18255117159@....com> To: bhelgaas@...gle.com, tglx@...utronix.de, kw@...ux.com, manivannan.sadhasivam@...aro.org, mahesh@...ux.ibm.com Cc: oohall@...il.com, linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, Hans Zhang <18255117159@....com> Subject: [PATCH 0/4] pci: implement "pci=aer_panic" The following series introduces a new kernel command-line option aer_panic to enhance error handling for PCIe Advanced Error Reporting (AER) in mission-critical environments. This feature ensures deterministic recover from fatal PCIe errors by triggering a controlled kernel panic when device recovery fails, avoiding indefinite system hangs. Problem Statement In systems where unresolved PCIe errors (e.g., bus hangs) occur, traditional error recovery mechanisms may leave the system unresponsive indefinitely. This is unacceptable for high-availability environment requiring prompt recovery via reboot. Solution The aer_panic option forces a kernel panic on unrecoverable AER errors. This bypasses prolonged recovery attempts and ensures immediate reboot. Patch Summary: Documentation Update: Adds aer_panic to kernel-parameters.txt, explaining its purpose and usage. Command-Line Handling: Implements pci=aer_panic parsing and state management in PCI core. State Exposure: Introduces pci_aer_panic_enabled() to check if the panic mode is active. Panic Trigger: Modifies recovery logic to panic the system when recovery fails and aer_panic is enabled. Impact Controlled Recovery: Reduces downtime by replacing hangs with immediate reboots. Optional: Enabled via pci=aer_panic; no default behavior change. Dependency: Requires CONFIG_PCIEAER. For example, in mobile phones and tablets, when there is a problem with the PCIe link and it cannot be restored, it is expected to provide an alternative method to make the system panic without waiting for the battery power to be completely exhausted before restarting the system. --- For example, the sm8250 and sm8350 of qcom will panic and restart the system when they are linked down. https://github.com/DOITfit/xiaomi_kernel_sm8250/blob/d42aa408e8cef14f4ec006554fac67ef80b86d0d/drivers/pci/controller/pci-msm.c#L5440 https://github.com/OnePlusOSS/android_kernel_oneplus_sm8350/blob/13ca08fdf0979fdd61d5e8991661874bb2d19150/drivers/net/wireless/cnss2/pci.c#L950 Since the design schemes of each SOC manufacturer are different, the AXI and other buses connected by PCIe do not have a design to prevent hanging. Once a FATAL error occurs in the PCIe link and cannot be restored, the system needs to be restarted. Dear Mani, I wonder if you know how other SoCs of qcom handle FATAL errors that occur in PCIe link. --- Hans Zhang (4): pci: implement "pci=aer_panic" PCI/AER: Introduce aer_panic kernel command-line option PCI/AER: Expose AER panic state via pci_aer_panic_enabled() PCI/AER: Trigger kernel panic on recovery failure if aer_panic is set .../admin-guide/kernel-parameters.txt | 7 +++++++ drivers/pci/pci.c | 2 ++ drivers/pci/pci.h | 4 ++++ drivers/pci/pcie/aer.c | 18 ++++++++++++++++++ drivers/pci/pcie/err.c | 8 ++++++-- 5 files changed, 37 insertions(+), 2 deletions(-) base-commit: fee3e843b309444f48157e2188efa6818bae85cf prerequisite-patch-id: 299f33d3618e246cd7c04de10e591ace2d0116e6 prerequisite-patch-id: 482ad0609459a7654a4100cdc9f9aa4b671be50b -- 2.25.1
Powered by blists - more mailing lists