| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aGVq6khN+QdqD5Aj@gmail.com> Date: Wed, 2 Jul 2025 10:22:50 -0700 From: Breno Leitao <leitao@...ian.org> To: "Luck, Tony" <tony.luck@...el.com> Cc: "Rafael J. Wysocki" <rafael@...nel.org>, Len Brown <lenb@...nel.org>, James Morse <james.morse@....com>, Borislav Petkov <bp@...en8.de>, linux-acpi@...r.kernel.org, linux-kernel@...r.kernel.org, kernel-team@...a.com, kbusch@...nel.org, rmikey@...a.com Subject: Re: [PATCH] acpi/ghes: add TAINT_MACHINE_CHECK on GHES panic path On Wed, Jul 02, 2025 at 09:31:30AM -0700, Luck, Tony wrote: > On Wed, Jul 02, 2025 at 08:39:51AM -0700, Breno Leitao wrote: > > When a GHES (Generic Hardware Error Source) triggers a panic, add the > > TAINT_MACHINE_CHECK taint flag to the kernel. This explicitly marks the > > While it might not strictly be a machine check that caused GHES to > panic, it seems close enough from the available TAINT options. Right, that was my reasoning as well. There are other cases where TAINT_MACHINE_CHECK is set when the Hardware is broken. > So unless someone feels it would be better to create a new TAINT > flag (TAINT_FATAL_GHES? TAINT_FIRMWARE_REPORTED_FATAL_ERRROR?) > then this seems OK to me. Thanks. That brings another topic. I am seeing crashes and warnings that are only happening after recoverable errors. I.e, there is a GHES recoverable error, and then machine crashes minutes later. A classical example is when the PCI downstream port disappear, and recovers later, re-enumerating everything, which is simply chaotic. I would like to be able to correlate the crash/warning with a machine that had a recoverable error. At scale, this improves the kernel monitoring by a lot. So, if we go toward using TAINT_FATAL_GHES, can we have two flavors? TAINT_FATAL_GHES_RECOVERABLE and TAINT_FATAL_GHES_FATAL? Thanks for the review, --breno > Reviewed-by: Tony Luck <tony.luck@...el.com> > > > kernel as tainted due to a machine check event, improving diagnostics > > and post-mortem analysis. The taint is set with LOCKDEP_STILL_OK to > > indicate lockdep remains valid. > > > > At large scale deployment, this helps to quickly determin panics that > > are coming due to hardware failures. > > > > Signed-off-by: Breno Leitao <leitao@...ian.org> > > --- > > drivers/acpi/apei/ghes.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/drivers/acpi/apei/ghes.c b/drivers/acpi/apei/ghes.c > > index f0584ccad4519..3d44f926afe8e 100644 > > --- a/drivers/acpi/apei/ghes.c > > +++ b/drivers/acpi/apei/ghes.c > > @@ -1088,6 +1088,8 @@ static void __ghes_panic(struct ghes *ghes, > > > > __ghes_print_estatus(KERN_EMERG, ghes->generic, estatus); > > > > + add_taint(TAINT_MACHINE_CHECK, LOCKDEP_STILL_OK); > > + > > ghes_clear_estatus(ghes, estatus, buf_paddr, fixmap_idx); > > > > if (!panic_timeout) > > > > --- > > base-commit: e96ee511c906c59b7c4e6efd9d9b33917730e000 > > change-id: 20250702-add_tain-902925f3eb96 > > > > Best regards, > > -- > > Breno Leitao <leitao@...ian.org> > >
Powered by blists - more mailing lists