All of lore.kernel.org
 help / color / mirror / Atom feed
From: Frederic Weisbecker <frederic@kernel.org>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: LKML <linux-kernel@vger.kernel.org>,
	x86@kernel.org, Steven Rostedt <rostedt@goodmis.org>,
	Brian Gerst <brgerst@gmail.com>, Juergen Gross <jgross@suse.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Arnd Bergmann <arnd@arndb.de>, Andy Lutomirski <luto@kernel.org>
Subject: Re: [patch 02/10] x86/mce: Disable tracing and kprobes on do_machine_check()
Date: Wed, 26 Feb 2020 02:13:50 +0100	[thread overview]
Message-ID: <20200226011349.GH9599@lenoir> (raw)
In-Reply-To: <20200225220216.315548935@linutronix.de>

On Tue, Feb 25, 2020 at 10:36:38PM +0100, Thomas Gleixner wrote:
> From: Andy Lutomirski <luto@kernel.org>
> 
> do_machine_check() can be raised in almost any context including the most
> fragile ones. Prevent kprobes and tracing.
> 
> Signed-off-by: Andy Lutomirski <luto@kernel.org>
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> ---
>  arch/x86/include/asm/traps.h   |    3 ---
>  arch/x86/kernel/cpu/mce/core.c |   12 ++++++++++--
>  2 files changed, 10 insertions(+), 5 deletions(-)
> 
> --- a/arch/x86/include/asm/traps.h
> +++ b/arch/x86/include/asm/traps.h
> @@ -88,9 +88,6 @@ dotraplinkage void do_page_fault(struct
>  dotraplinkage void do_spurious_interrupt_bug(struct pt_regs *regs, long error_code);
>  dotraplinkage void do_coprocessor_error(struct pt_regs *regs, long error_code);
>  dotraplinkage void do_alignment_check(struct pt_regs *regs, long error_code);
> -#ifdef CONFIG_X86_MCE
> -dotraplinkage void do_machine_check(struct pt_regs *regs, long error_code);
> -#endif
>  dotraplinkage void do_simd_coprocessor_error(struct pt_regs *regs, long error_code);
>  #ifdef CONFIG_X86_32
>  dotraplinkage void do_iret_error(struct pt_regs *regs, long error_code);
> --- a/arch/x86/kernel/cpu/mce/core.c
> +++ b/arch/x86/kernel/cpu/mce/core.c
> @@ -1213,8 +1213,14 @@ static void __mc_scan_banks(struct mce *
>   * On Intel systems this is entered on all CPUs in parallel through
>   * MCE broadcast. However some CPUs might be broken beyond repair,
>   * so be always careful when synchronizing with others.
> + *
> + * Tracing and kprobes are disabled: if we interrupted a kernel context
> + * with IF=1, we need to minimize stack usage.  There are also recursion
> + * issues: if the machine check was due to a failure of the memory
> + * backing the user stack, tracing that reads the user stack will cause
> + * potentially infinite recursion.
>   */
> -void do_machine_check(struct pt_regs *regs, long error_code)
> +void notrace do_machine_check(struct pt_regs *regs, long error_code)
>  {
>  	DECLARE_BITMAP(valid_banks, MAX_NR_BANKS);
>  	DECLARE_BITMAP(toclear, MAX_NR_BANKS);
> @@ -1360,6 +1366,7 @@ void do_machine_check(struct pt_regs *re
>  	ist_exit(regs);
>  }
>  EXPORT_SYMBOL_GPL(do_machine_check);
> +NOKPROBE_SYMBOL(do_machine_check);

That won't protect all the function called by do_machine_check(), right?
There are lots of them.

  reply	other threads:[~2020-02-26  1:13 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-25 21:36 [patch 00/10] x86/entry: Consolidation - Part I Thomas Gleixner
2020-02-25 21:36 ` [patch 01/10] x86/entry/32: Add missing ASM_CLAC to general_protection entry Thomas Gleixner
2020-02-26  1:00   ` Frederic Weisbecker
2020-02-27 14:15   ` [tip: x86/entry] " tip-bot2 for Thomas Gleixner
2020-02-25 21:36 ` [patch 02/10] x86/mce: Disable tracing and kprobes on do_machine_check() Thomas Gleixner
2020-02-26  1:13   ` Frederic Weisbecker [this message]
2020-02-26  5:29     ` Andy Lutomirski
2020-02-26 13:28       ` Peter Zijlstra
2020-02-26 15:10         ` Andy Lutomirski
2020-02-26 16:08           ` Peter Zijlstra
2020-02-26 17:28             ` Andy Lutomirski
2020-02-26 18:42               ` Borislav Petkov
2020-02-26 18:59                 ` Peter Zijlstra
2020-02-26 19:09                   ` Andy Lutomirski
2020-02-26 20:59                     ` Steven Rostedt
2020-02-26 11:18   ` Borislav Petkov
2020-02-27 14:15   ` [tip: x86/entry] " tip-bot2 for Andy Lutomirski
2020-02-25 21:36 ` [patch 03/10] x86/entry/32: Force MCE through do_mce() Thomas Gleixner
2020-02-26  1:11   ` Frederic Weisbecker
2020-02-27 14:15   ` [tip: x86/entry] " tip-bot2 for Thomas Gleixner
2020-02-25 21:36 ` [patch 04/10] x86/traps: Remove pointless irq enable from do_spurious_interrupt_bug() Thomas Gleixner
2020-02-26  1:19   ` Frederic Weisbecker
2020-02-25 21:36 ` [patch 05/10] x86/traps: Document do_spurious_interrupt_bug() Thomas Gleixner
2020-02-26 17:08   ` Frederic Weisbecker
2020-02-27 14:15   ` [tip: x86/entry] " tip-bot2 for Thomas Gleixner
2020-02-25 21:36 ` [patch 06/10] x86/traps: Remove redundant declaration of do_double_fault() Thomas Gleixner
2020-02-27 14:15   ` [tip: x86/entry] " tip-bot2 for Thomas Gleixner
2020-02-25 21:36 ` [patch 07/10] x86/irq: Remove useless return value from do_IRQ() Thomas Gleixner
2020-02-27 14:15   ` [tip: x86/entry] " tip-bot2 for Thomas Gleixner
2020-02-25 21:36 ` [patch 08/10] x86/entry/32: Remove the 0/-1 distinction from exception entries Thomas Gleixner
2020-02-26  5:34   ` Andy Lutomirski
2020-02-26 18:42     ` Thomas Gleixner
2020-02-26 18:57       ` Andy Lutomirski
2020-02-26 19:15         ` Thomas Gleixner
2020-02-27 14:24           ` [patch V2 " Thomas Gleixner
2020-02-29 11:49             ` [tip: x86/entry] " tip-bot2 for Thomas Gleixner
2020-02-25 21:36 ` [patch 09/10] x86/entry/entry_32: Route int3 through common_exception Thomas Gleixner
2020-02-26 17:35   ` Frederic Weisbecker
2020-02-27 14:15   ` [tip: x86/entry] " tip-bot2 for Thomas Gleixner
2020-02-25 21:36 ` [patch 10/10] x86/traps: Stop using ist_enter/exit() in do_int3() Thomas Gleixner
2020-02-27 14:15   ` [tip: x86/entry] " tip-bot2 for Thomas Gleixner
2020-02-27 14:33   ` tip-bot2 for Andy Lutomirski
2020-02-26  5:26 ` [patch 00/10] x86/entry: Consolidation - Part I Andy Lutomirski
2020-02-26  5:35 ` Andy Lutomirski
2020-02-27 11:01 ` Alexandre Chartre

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200226011349.GH9599@lenoir \
    --to=frederic@kernel.org \
    --cc=arnd@arndb.de \
    --cc=brgerst@gmail.com \
    --cc=jgross@suse.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=pbonzini@redhat.com \
    --cc=rostedt@goodmis.org \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.