From: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com>
To: ebiederm@xmission.com
Cc: len.brown@intel.com, fenghua.yu@intel.com, x86@kernel.org,
kexec@lists.infradead.org, linux-kernel@vger.kernel.org,
rob.herring@calxeda.com, grant.likely@secretlab.ca,
hpa@zytor.com, tglx@linutronix.de, mingo@elte.hu,
vgoyal@redhat.com
Subject: Re: [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP
Date: Mon, 11 Mar 2013 11:13:52 +0900 (JST) [thread overview]
Message-ID: <20130311.111352.105946462.d.hatayama@jp.fujitsu.com> (raw)
In-Reply-To: <20130311.100721.32982204.d.hatayama@jp.fujitsu.com>
From: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com>
Subject: Re: [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP
Date: Mon, 11 Mar 2013 10:07:21 +0900
> From: "Eric W. Biederman" <ebiederm@xmission.com>
> Subject: Re: [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP
> Date: Thu, 25 Oct 2012 21:13:25 -0700
>
>> HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com> writes:
>>
>>> From: "H. Peter Anvin" <hpa@zytor.com>
>>> Subject: Re: [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP
>>> Date: Mon, 22 Oct 2012 17:35:47 -0700
>>>
>>>> On 10/22/2012 02:29 PM, Eric W. Biederman wrote:
> <cut>
>>> Considering these, I'll make a patch to clear BSP flag at appropreate
>>> position in kernel boot-up code. OTOH, according to the discussion, it
>>> was reported that clearing BSP flag affected some BIOSes. To deal with
>>> this, I'll prepare a kernel option to decide whether to clear BSP flag
>>> or not.
>>>
>>> Does anyone have any comments now? Or please comment after I submit a
>>> new patch.
>>
>> I think you are on right track with preparing some patches, and this
>> certainly looks like worth experimenting with.
>>
>> At least for i386 the code need to verify you have a cpu new enough to
>> have an APIC_BASE_MSR, but I don't think that is going to be hard.
>
> Eric, you have probably forgotten this work but I want to restart the
> work to allow multiple CPUs on the 2nd kernel. But on my
> investigation, I have a question about inconsistent states kdump
> framework assumes in the crash path on the 1st kernel.
>
> Now I'm re-investigating how to unset BSP flag on the 1st kernel in a
> safe manner. But then I must discuss possibility of BSP flag being set
> again after the unsetting of BSP. This includes firmware that assumes
> BSP flag is kept set throughtout system execution, but I noticed,
> fundamentally, it can happen even only with kernel code in the
> inconsistent state from the point where any bug happpens to before
> entering 2nd kernel.
>
> For example, some bug that causes buffer overrun can rewrite kdump
> code so some part of it be wrmsr but any other part is safe enough to
> boot 2nd kernel successfully... Although this is very low, but it must
> actually happen. Of course, we face the same situation if we put
> unsetting code in machine_shutdown() path, which is similarly not
> guaranteed to work well in inconsistent state.
>
> Different from kernel state and similar to any other device states, it
> seems to me that it's impossible to unset BSP flag in a safe manner
> together with inconsistent state kdump framework considers. Then, it
> seems to me that disabling BSP on 2nd kernel is a final resort.
I noticed this was not enough. In the inconsistent state, even AP can
have BSP flag set due to some bug. Then, in conclusion, we cannot use
multiple cpus on the 2nd kernel on top of kdump framework policy if
any change cannot be made there.
It seems to me that at least there needs to be the following design
policy for multiple CPUs on the 2nd kenrel:
- There's no firmware, kernel components and modules that depend on
BSP flag being kept set on the original BSP flag and never set BSP
flag of any of the existing CPUs again at runtime.
- Exclude a kind of bugs on which kdump framework works well, that set
BSP flag on any of the existing CPUs including AP.
If one of the assumption doesn't hold, we have to accept a risk of
system leading to unspecified behaviour.
Thanks.
HATAYAMA, Daisuke
WARNING: multiple messages have this Message-ID (diff)
From: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com>
To: ebiederm@xmission.com
Cc: len.brown@intel.com, fenghua.yu@intel.com, x86@kernel.org,
kexec@lists.infradead.org, linux-kernel@vger.kernel.org,
rob.herring@calxeda.com, grant.likely@secretlab.ca,
hpa@zytor.com, tglx@linutronix.de, mingo@elte.hu,
vgoyal@redhat.com
Subject: Re: [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP
Date: Mon, 11 Mar 2013 11:13:52 +0900 (JST) [thread overview]
Message-ID: <20130311.111352.105946462.d.hatayama@jp.fujitsu.com> (raw)
In-Reply-To: <20130311.100721.32982204.d.hatayama@jp.fujitsu.com>
From: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com>
Subject: Re: [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP
Date: Mon, 11 Mar 2013 10:07:21 +0900
> From: "Eric W. Biederman" <ebiederm@xmission.com>
> Subject: Re: [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP
> Date: Thu, 25 Oct 2012 21:13:25 -0700
>
>> HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com> writes:
>>
>>> From: "H. Peter Anvin" <hpa@zytor.com>
>>> Subject: Re: [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP
>>> Date: Mon, 22 Oct 2012 17:35:47 -0700
>>>
>>>> On 10/22/2012 02:29 PM, Eric W. Biederman wrote:
> <cut>
>>> Considering these, I'll make a patch to clear BSP flag at appropreate
>>> position in kernel boot-up code. OTOH, according to the discussion, it
>>> was reported that clearing BSP flag affected some BIOSes. To deal with
>>> this, I'll prepare a kernel option to decide whether to clear BSP flag
>>> or not.
>>>
>>> Does anyone have any comments now? Or please comment after I submit a
>>> new patch.
>>
>> I think you are on right track with preparing some patches, and this
>> certainly looks like worth experimenting with.
>>
>> At least for i386 the code need to verify you have a cpu new enough to
>> have an APIC_BASE_MSR, but I don't think that is going to be hard.
>
> Eric, you have probably forgotten this work but I want to restart the
> work to allow multiple CPUs on the 2nd kernel. But on my
> investigation, I have a question about inconsistent states kdump
> framework assumes in the crash path on the 1st kernel.
>
> Now I'm re-investigating how to unset BSP flag on the 1st kernel in a
> safe manner. But then I must discuss possibility of BSP flag being set
> again after the unsetting of BSP. This includes firmware that assumes
> BSP flag is kept set throughtout system execution, but I noticed,
> fundamentally, it can happen even only with kernel code in the
> inconsistent state from the point where any bug happpens to before
> entering 2nd kernel.
>
> For example, some bug that causes buffer overrun can rewrite kdump
> code so some part of it be wrmsr but any other part is safe enough to
> boot 2nd kernel successfully... Although this is very low, but it must
> actually happen. Of course, we face the same situation if we put
> unsetting code in machine_shutdown() path, which is similarly not
> guaranteed to work well in inconsistent state.
>
> Different from kernel state and similar to any other device states, it
> seems to me that it's impossible to unset BSP flag in a safe manner
> together with inconsistent state kdump framework considers. Then, it
> seems to me that disabling BSP on 2nd kernel is a final resort.
I noticed this was not enough. In the inconsistent state, even AP can
have BSP flag set due to some bug. Then, in conclusion, we cannot use
multiple cpus on the 2nd kernel on top of kdump framework policy if
any change cannot be made there.
It seems to me that at least there needs to be the following design
policy for multiple CPUs on the 2nd kenrel:
- There's no firmware, kernel components and modules that depend on
BSP flag being kept set on the original BSP flag and never set BSP
flag of any of the existing CPUs again at runtime.
- Exclude a kind of bugs on which kdump framework works well, that set
BSP flag on any of the existing CPUs including AP.
If one of the assumption doesn't hold, we have to accept a risk of
system leading to unspecified behaviour.
Thanks.
HATAYAMA, Daisuke
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
next prev parent reply other threads:[~2013-03-11 2:14 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-16 4:35 [PATCH v1 0/2] x86, apic: Disable BSP if boot cpu is AP HATAYAMA Daisuke
2012-10-16 4:35 ` HATAYAMA Daisuke
2012-10-16 4:35 ` [PATCH v1 1/2] x86, apic: Introduce boot_cpu_is_bsp indicating whether boot cpu is BSP or not HATAYAMA Daisuke
2012-10-16 4:35 ` HATAYAMA Daisuke
2012-10-16 4:35 ` [PATCH v1 2/2] x86, apic: Disable BSP if boot cpu is AP HATAYAMA Daisuke
2012-10-16 4:35 ` HATAYAMA Daisuke
2012-10-22 20:04 ` Eric W. Biederman
2012-10-22 20:04 ` Eric W. Biederman
2012-10-22 20:16 ` H. Peter Anvin
2012-10-22 20:16 ` H. Peter Anvin
2012-10-22 20:31 ` Eric W. Biederman
2012-10-22 20:31 ` Eric W. Biederman
2012-10-22 20:33 ` H. Peter Anvin
2012-10-22 20:33 ` H. Peter Anvin
2012-10-22 20:38 ` H. Peter Anvin
2012-10-22 20:38 ` H. Peter Anvin
2012-10-22 20:43 ` Eric W. Biederman
2012-10-22 20:43 ` Eric W. Biederman
2012-10-22 20:47 ` H. Peter Anvin
2012-10-22 20:47 ` H. Peter Anvin
2012-10-22 21:29 ` Eric W. Biederman
2012-10-22 21:29 ` Eric W. Biederman
2012-10-23 0:35 ` H. Peter Anvin
2012-10-23 0:35 ` H. Peter Anvin
2012-10-26 3:24 ` HATAYAMA Daisuke
2012-10-26 3:24 ` HATAYAMA Daisuke
2012-10-26 4:13 ` Eric W. Biederman
2012-10-26 4:13 ` Eric W. Biederman
2013-03-11 1:07 ` HATAYAMA Daisuke
2013-03-11 1:07 ` HATAYAMA Daisuke
2013-03-11 2:13 ` HATAYAMA Daisuke [this message]
2013-03-11 2:13 ` HATAYAMA Daisuke
2013-03-11 4:11 ` H. Peter Anvin
2013-03-11 4:11 ` H. Peter Anvin
2012-10-16 4:51 ` [PATCH v1 0/2] " Yu, Fenghua
2012-10-16 4:51 ` Yu, Fenghua
2012-10-16 5:03 ` HATAYAMA Daisuke
2012-10-16 5:03 ` HATAYAMA Daisuke
2012-10-16 5:14 ` Yu, Fenghua
2012-10-16 5:14 ` Yu, Fenghua
2012-10-16 6:38 ` HATAYAMA Daisuke
2012-10-16 6:38 ` HATAYAMA Daisuke
2012-10-22 16:02 ` H. Peter Anvin
2012-10-22 16:02 ` H. Peter Anvin
2012-10-16 5:15 ` HATAYAMA Daisuke
2012-10-16 5:15 ` HATAYAMA Daisuke
2012-10-17 14:12 ` Vivek Goyal
2012-10-17 14:12 ` Vivek Goyal
2012-10-18 3:08 ` HATAYAMA Daisuke
2012-10-18 3:08 ` HATAYAMA Daisuke
2012-10-18 14:14 ` Vivek Goyal
2012-10-18 14:14 ` Vivek Goyal
2012-10-19 3:20 ` HATAYAMA Daisuke
2012-10-19 3:20 ` HATAYAMA Daisuke
2012-10-19 15:17 ` Vivek Goyal
2012-10-19 15:17 ` Vivek Goyal
2012-10-22 6:32 ` HATAYAMA Daisuke
2012-10-22 6:32 ` HATAYAMA Daisuke
2012-10-22 18:37 ` Vivek Goyal
2012-10-22 18:37 ` Vivek Goyal
2012-10-22 17:10 ` Michael Holzheu
2012-10-22 17:10 ` Michael Holzheu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130311.111352.105946462.d.hatayama@jp.fujitsu.com \
--to=d.hatayama@jp.fujitsu.com \
--cc=ebiederm@xmission.com \
--cc=fenghua.yu@intel.com \
--cc=grant.likely@secretlab.ca \
--cc=hpa@zytor.com \
--cc=kexec@lists.infradead.org \
--cc=len.brown@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=rob.herring@calxeda.com \
--cc=tglx@linutronix.de \
--cc=vgoyal@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.