From: Jue Wang <firstname.lastname@example.org>
To: "Luck, Tony" <email@example.com>
Cc: "Borislav Petkov" <firstname.lastname@example.org>,
"HORIGUCHI NAOYA(堀口 直也)" <email@example.com>,
"Oscar Salvador" <firstname.lastname@example.org>, x86 <email@example.com>,
"Song, Youquan" <firstname.lastname@example.org>
Subject: Re: [PATCH 2/3] x86/mce: Avoid infinite loop for copy from user recovery
Date: Mon, 2 Aug 2021 08:29:59 -0700 [thread overview]
Message-ID: <CAPcxDJ7_QiM1ZLCUHvqRAAtst8qd_yhhps8V4fE+Fq2YTPMVnw@mail.gmail.com> (raw)
On Sat, Jul 31, 2021 at 1:43 PM Luck, Tony <email@example.com> wrote:
> > After cherry picking patch 1 & 2, I saw the following with 2 UC errors injected
> > into the user space buffer passed into write(2), as expected:
> > [ 287.994754] Kernel panic - not syncing: Machine checks to different
> > user pages
> Interesting. What are the offsets of the two injected errors in your test (both
> w.r.t. the start of the buffer, and within a page).
They are just random offsets into the first 2 pages of the buffer (4k aligned),
1 error per page. To be precise: 0x440 and 0x1c0 within each page.
> > The kernel tested with has its x86/mce and mm/memory-failure aligned with
> > upstream till around 2020/11.
> > Is there any other patch that I have missed to the write syscall etc?
> There is a long series of patches from Al Viro to lib/iov_iter.c that are maybe
> also relevent in making the kernel copy from user stop at the first poison
> address in the buffer.
Thanks for the pointer.
Looks like , are not yet merged.
Is lib/iov_iter.c the only place the kernel performs a copy from user
and gets multiple
poisons? I suspect not.
For example, lots of kernel accesses to user space memory are from kernel agents
like khugepaged, NUMA auto balancing etc. These paths are not handled by the fix
I think the fix might have to be made to #MC handler's behavior wrt
the task work.
Send #MC signals and perform memory-failures actions from a task work is fine
for #MCs originated from user space, but not suitable for kernel
memory (user space memory). For the latter #MC handler must handle
#MC recovery in the exception context without resorting to task work;
this may be
OK since the recovery action for the later case is minimal: mark PG_hwpoison and
remove the kernel mapping.
next prev parent reply other threads:[~2021-08-02 15:30 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-31 6:30 [PATCH 2/3] x86/mce: Avoid infinite loop for copy from user recovery Jue Wang
2021-07-31 20:43 ` Luck, Tony
2021-08-02 15:29 ` Jue Wang [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-07-22 13:54 Jue Wang
2021-07-22 15:19 ` Luck, Tony
2021-07-22 23:30 ` Jue Wang
2021-07-23 0:14 ` Luck, Tony
2021-07-23 3:47 ` Jue Wang
2021-07-23 4:01 ` Luck, Tony
2021-07-23 4:16 ` Jue Wang
2021-07-23 14:47 ` Luck, Tony
2021-07-06 19:06 [PATCH 0/3] More machine check recovery fixes Tony Luck
2021-07-06 19:06 ` [PATCH 2/3] x86/mce: Avoid infinite loop for copy from user recovery Tony Luck
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).