| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250612214849.3950094-1-sohil.mehta@intel.com>
Date: Thu, 12 Jun 2025 14:48:39 -0700
From: Sohil Mehta <sohil.mehta@...el.com>
To: x86@...nel.org,
linux-kernel@...r.kernel.org
Cc: Xin Li <xin@...or.com>,
"H . Peter Anvin" <hpa@...or.com>,
Andy Lutomirski <luto@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Sean Christopherson <seanjc@...gle.com>,
Adrian Hunter <adrian.hunter@...el.com>,
Kan Liang <kan.liang@...ux.intel.com>,
Tony Luck <tony.luck@...el.com>,
Zhang Rui <rui.zhang@...el.com>,
Steven Rostedt <rostedt@...dmis.org>,
Sohil Mehta <sohil.mehta@...el.com>,
Andrew Cooper <andrew.cooper3@...rix.com>,
"Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
Jacob Pan <jacob.pan@...ux.microsoft.com>,
Andi Kleen <ak@...ux.intel.com>,
Kai Huang <kai.huang@...el.com>,
Sandipan Das <sandipan.das@....com>,
linux-perf-users@...r.kernel.org,
linux-edac@...r.kernel.org,
kvm@...r.kernel.org,
linux-pm@...r.kernel.org,
linux-trace-kernel@...r.kernel.org
Subject: [PATCH v7 00/10] x86: Add support for NMI-source reporting with FRED
Changes since v6
================
This series is a minor update from v6, with the following changes:
* Includes a pre-patch to provide separate KVM IRQ and NMI entry
wrappers for FRED (Sean).
* Uses an enum to allocate NMI-source vectors (DaveH).
* Picks up review tags from Xin.
* Rebased on top of 6.16-rc1.
The patchset seems to be maturing, so while reviewing this version, please
consider providing Acks and Review tags if the patches look okay.
v6: https://lore.kernel.org/lkml/20250513203803.2636561-1-sohil.mehta@intel.com/
Background
==========
NMI-source reporting with FRED [1] provides a new mechanism for
identifying the source of NMIs. As part of the FRED event delivery
framework, a 16-bit vector bitmap is provided that identifies one or
more sources that caused the NMI.
Using the source bitmap, the kernel can precisely run the relevant NMI
handlers instead of polling the entire NMI handler list. Additionally,
the source information would be invaluable for debugging misbehaving
handlers and unknown NMIs.
Overview of NMI-source usage
============================
Code snippets:
// Allocate a static source vector at compile time
#define NMIS_VECTOR_TEST 1
// Register an NMI handler with the vector
register_nmi_handler(NMI_LOCAL, test_handler, 0, "nmi_test", NMIS_VECTOR_TEST);
// Generate an NMI with the source vector using NMI encoded delivery
__apic_send_IPI_mask(cpumask, APIC_DM_NMI | NMIS_VECTOR_TEST);
// Handle an NMI with or without the source information (oversimplified)
source_bitmap = fred_event_data(regs);
if (!source_bitmap || (source_bitmap & BIT(NMIS_VECTOR_TEST)))
test_handler();
// Unregister handler along with the vector
unregister_nmi_handler(NMI_LOCAL, "nmi_test");
Patch structure
===============
Patch 1-3: Prepare FRED/KVM and enumerate NMI-source reporting
Patch 4-6: Register and handle NMI-source vectors
Patch 7-9: APIC changes to generate NMIs with vectors
Patch 10: Improve debug print with NMI-source information
Many thanks to Sean Christopherson, Xin Li, H. Peter Anvin, Andi Kleen,
Tony Luck, Kan Liang, Jacob Pan Jun, Zeng Guang, Peter Zijlstra,
Sandipan Das, Steven Rostedt, Dave Hansen and others for their
contributions, reviews and feedback.
Future work
===========
I am considering a few additional changes related to debugging and
tracing, as well as KVM support, that would be valuable for enhancing
NMI handling in the kernel.
Refer the v6 cover letter for more details:
v6: https://lore.kernel.org/lkml/20250513203803.2636561-1-sohil.mehta@intel.com/
Links
=====
[1]: Chapter 9, https://www.intel.com/content/www/us/en/content-details/819481/flexible-return-and-event-delivery-fred-specification.html
Jacob Pan (1):
perf/x86: Enable NMI-source reporting for perfmon
Sean Christopherson (1):
x86/fred: Provide separate IRQ vs. NMI wrappers for entry from KVM
Sohil Mehta (8):
x86/fred: Pass event data to the NMI entry point from KVM
x86/cpufeatures: Add the CPUID feature bit for NMI-source reporting
x86/nmi: Extend the registration interface to include the NMI-source
vector
x86/nmi: Assign and register NMI-source vectors
x86/nmi: Add support to handle NMIs with source information
x86/nmi: Prepare for the new NMI-source vector encoding
x86/nmi: Enable NMI-source for IPIs delivered as NMIs
x86/nmi: Print source information with the unknown NMI console message
arch/x86/entry/entry_64_fred.S | 2 +-
arch/x86/events/amd/ibs.c | 2 +-
arch/x86/events/core.c | 6 +--
arch/x86/events/intel/core.c | 6 +--
arch/x86/include/asm/apic.h | 39 ++++++++++++++++++
arch/x86/include/asm/apicdef.h | 2 +-
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/fred.h | 35 +++++++++++-----
arch/x86/include/asm/nmi.h | 62 ++++++++++++++++++++++++++++-
arch/x86/kernel/apic/hw_nmi.c | 5 +--
arch/x86/kernel/apic/ipi.c | 4 +-
arch/x86/kernel/apic/local.h | 24 ++++++-----
arch/x86/kernel/cpu/cpuid-deps.c | 1 +
arch/x86/kernel/cpu/mce/inject.c | 4 +-
arch/x86/kernel/cpu/mshyperv.c | 2 +-
arch/x86/kernel/kgdb.c | 8 ++--
arch/x86/kernel/kvm.c | 9 +----
arch/x86/kernel/nmi.c | 40 +++++++++++++++++++
arch/x86/kernel/nmi_selftest.c | 8 ++--
arch/x86/kernel/smp.c | 6 +--
arch/x86/kvm/vmx/vmx.c | 4 +-
arch/x86/platform/uv/uv_nmi.c | 4 +-
drivers/acpi/apei/ghes.c | 2 +-
drivers/char/ipmi/ipmi_watchdog.c | 3 +-
drivers/edac/igen6_edac.c | 3 +-
drivers/thermal/intel/therm_throt.c | 2 +-
drivers/watchdog/hpwdt.c | 6 +--
27 files changed, 218 insertions(+), 72 deletions(-)
base-commit: 19272b37aa4f83ca52bdf9c16d5d81bdd1354494
--
2.43.0
Powered by blists - more mailing lists