From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756105AbbIYMDw (ORCPT ); Fri, 25 Sep 2015 08:03:52 -0400 Received: from mail9.hitachi.co.jp ([133.145.228.44]:59590 "EHLO mail9.hitachi.co.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755615AbbIYMDE (ORCPT ); Fri, 25 Sep 2015 08:03:04 -0400 X-AuditID: 85900ec0-9e1cab9000001a57-5c-56053733e10d X-Mailbox-Line: From nobody Fri Sep 25 20:28:11 2015 Subject: [V4 PATCH 4/4] x86/apic: Introduce noextnmi boot option To: Jonathan Corbet , Peter Zijlstra , Ingo Molnar , "Eric W. Biederman" , "H. Peter Anvin" , Andrew Morton , Thomas Gleixner , Vivek Goyal From: Hidehiro Kawai Cc: linux-doc@vger.kernel.org, x86@kernel.org, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, Michal Hocko , Ingo Molnar , Masami Hiramatsu Date: Fri, 25 Sep 2015 20:28:11 +0900 Message-ID: <20150925112811.4258.54494.stgit@softrs> In-Reply-To: <20150925112803.4258.94241.stgit@softrs> References: <20150925112803.4258.94241.stgit@softrs> User-Agent: StGit/0.16 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Brightmail-Tracker: AAAAAA== Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patch introduces new boot option "noextnmi" which disables external NMI. This option is useful for the dump capture kernel so that an HA application or administrator wouldn't mistakenly shoot down the kernel by NMI. Currently, only x86 supports this option. Signed-off-by: Hidehiro Kawai Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Jonathan Corbet --- Documentation/kernel-parameters.txt | 4 ++++ arch/x86/kernel/apic/apic.c | 17 ++++++++++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index 22a4b68..8bcaccd 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -2379,6 +2379,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. noexec=on: enable non-executable mappings (default) noexec=off: disable non-executable mappings + noextnmi [X86] + Mask external NMI. This option is useful for a + dump capture kernel to be shot down by NMI. + nosmap [X86] Disable SMAP (Supervisor Mode Access Prevention) even if it is supported by processor. diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c index 24e94ce..fd47128 100644 --- a/arch/x86/kernel/apic/apic.c +++ b/arch/x86/kernel/apic/apic.c @@ -82,6 +82,12 @@ static unsigned int disabled_cpu_apicid __read_mostly = BAD_APICID; /* + * Don't enable external NMI via LINT1 on BSP. This is useful for + * the dump capture kernel. + */ +static bool apic_noextnmi; + +/* * Map cpu index to physical APIC ID */ DEFINE_EARLY_PER_CPU_READ_MOSTLY(u16, x86_cpu_to_apicid, BAD_APICID); @@ -1161,6 +1167,8 @@ void __init init_bsp_APIC(void) value = APIC_DM_NMI; if (!lapic_is_integrated()) /* 82489DX */ value |= APIC_LVT_LEVEL_TRIGGER; + if (apic_noextnmi) + value |= APIC_LVT_MASKED; apic_write(APIC_LVT1, value); } @@ -1380,7 +1388,7 @@ void setup_local_APIC(void) /* * only the BP should see the LINT1 NMI signal, obviously. */ - if (!cpu) + if (!cpu && !apic_noextnmi) value = APIC_DM_NMI; else value = APIC_DM_NMI | APIC_LVT_MASKED; @@ -2548,3 +2556,10 @@ static int __init apic_set_disabled_cpu_apicid(char *arg) return 0; } early_param("disable_cpu_apicid", apic_set_disabled_cpu_apicid); + +static int __init apic_set_noextnmi(char *arg) +{ + apic_noextnmi = true; + return 0; +} +early_param("noextnmi", apic_set_noextnmi);