From: Andy Lutomirski <luto@kernel.org>
To: x86@kernel.org
Cc: KVM list <kvm@vger.kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
linux-kernel@vger.kernel.org, xen-devel <Xen-devel@lists.xen.org>,
Thomas Gleixner <tglx@linutronix.de>,
Andy Lutomirski <luto@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
Arjan van de Ven <arjan@linux.intel.com>,
Ingo Molnar <mingo@kernel.org>
Subject: [PATCH v2 1/2] x86/msr: Carry on after a non-"safe" MSR access fails without !panic_on_oops
Date: Sun, 20 Sep 2015 17:02:55 -0700 [thread overview]
Message-ID: <130a3b7ef4788baae3a6fe71293ab17442bc9a0a.1442793572.git.luto__10673.6438502141$1442793884$gmane$org@kernel.org> (raw)
In-Reply-To: <cover.1442793572.git.luto@kernel.org>
In-Reply-To: <cover.1442793572.git.luto@kernel.org>
This demotes an OOPS and likely panic due to a failed non-"safe" MSR
access to a WARN_ON_ONCE and a return of zero (in the RDMSR case).
We still write a pr_info entry unconditionally for debugging.
To be clear, this type of failure should *not* happen. This patch
exists to minimize the chance of nasty undebuggable failures due on
systems that used to work due to a now-fixed CONFIG_PARAVIRT=y bug.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/kernel/traps.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index 346eec73f7db..f82987643e32 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -437,6 +437,58 @@ exit_trap:
do_trap(X86_TRAP_BR, SIGSEGV, "bounds", regs, error_code, NULL);
}
+static bool paper_over_kernel_gpf(struct pt_regs *regs)
+{
+ /*
+ * Try to decode the opcode that failed. So far, we only care
+ * about boring two-byte unprefixed opcodes, so we don't need
+ * the full instruction decoder machinery.
+ */
+ u16 opcode;
+
+ if (probe_kernel_read(&opcode, (const void *)regs->ip, sizeof(opcode)))
+ return false;
+
+ if (opcode == 0x320f) {
+ /* RDMSR */
+ pr_info("bad kernel RDMSR from non-existent MSR 0x%x",
+ (unsigned int)regs->cx);
+ if (!panic_on_oops) {
+ WARN_ON_ONCE(true);
+
+ /*
+ * Pretend that RDMSR worked and returned zero. We
+ * chose zero because zero seems less likely to
+ * cause further malfunctions than any other value.
+ */
+ regs->ax = 0;
+ regs->dx = 0;
+ regs->ip += 2;
+ return true;
+ } else {
+ /* Don't fix it up. */
+ return false;
+ }
+ } else if (opcode == 0x300f) {
+ /* WRMSR */
+ pr_info("bad kernel WRMSR writing 0x%08x%08x to MSR 0x%x",
+ (unsigned int)regs->dx, (unsigned int)regs->ax,
+ (unsigned int)regs->cx);
+ if (!panic_on_oops) {
+ WARN_ON_ONCE(true);
+
+ /* Pretend it worked and carry on. */
+ regs->ip += 2;
+ return true;
+ } else {
+ /* Don't fix it up. */
+ return false;
+ }
+ }
+
+ return false;
+}
+
dotraplinkage void
do_general_protection(struct pt_regs *regs, long error_code)
{
@@ -456,6 +508,9 @@ do_general_protection(struct pt_regs *regs, long error_code)
if (fixup_exception(regs))
return;
+ if (paper_over_kernel_gpf(regs))
+ return;
+
tsk->thread.error_code = error_code;
tsk->thread.trap_nr = X86_TRAP_GP;
if (notify_die(DIE_GPF, "general protection fault", regs, error_code,
--
2.4.3
next parent reply other threads:[~2015-09-21 0:02 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <cover.1442793572.git.luto@kernel.org>
2015-09-21 0:02 ` Andy Lutomirski [this message]
2015-09-21 0:02 ` [PATCH v2 2/2] x86/msr: Set the return value to zero when native_rdmsr_safe fails Andy Lutomirski
[not found] ` <130a3b7ef4788baae3a6fe71293ab17442bc9a0a.1442793572.git.luto@kernel.org>
2015-09-21 0:15 ` [PATCH v2 1/2] x86/msr: Carry on after a non-"safe" MSR access fails without !panic_on_oops Linus Torvalds
[not found] ` <CA+55aFy4Chd-PJvxGne=TztPsvFqUG07Ht8mtc4+0oGNZNDOyw@mail.gmail.com>
2015-09-21 1:13 ` Andy Lutomirski
[not found] ` <CALCETrXqsKcqzfqMO2ctOJJ4X8Kb6vvoUpVDir9F2-a3XwK23w@mail.gmail.com>
2015-09-21 8:46 ` Ingo Molnar
[not found] ` <20150921084642.GA30984@gmail.com>
2015-09-21 12:27 ` Paolo Bonzini
2015-09-21 16:36 ` Linus Torvalds
[not found] ` <CA+55aFzKCi6pf0RP8HjDQYDsms6reB5AihuCAHEkVJtoOHk_Yw@mail.gmail.com>
2015-09-21 16:49 ` Arjan van de Ven
[not found] ` <56003506.1050100@linux.intel.com>
2015-09-21 17:27 ` Linus Torvalds
2015-09-21 17:43 ` Andy Lutomirski
[not found] ` <CALCETrUSEm_QLxGaBdmy3tQn=WnagvzTaYpy+i14sGUeaOUvTQ@mail.gmail.com>
2015-09-22 8:12 ` Paolo Bonzini
2015-09-21 18:16 ` Andy Lutomirski
[not found] ` <CALCETrUBcDxvtjKC-m97GPwCOHvcoDdGjnMJLukSue8ha55mng@mail.gmail.com>
2015-09-21 18:36 ` Borislav Petkov
2015-09-21 18:47 ` Linus Torvalds
2015-09-22 7:14 ` Ingo Molnar
2015-09-30 13:10 ` Peter Zijlstra
[not found] ` <20150930131002.GK2881@worktop.programming.kicks-ass.net>
2015-09-30 14:01 ` Ingo Molnar
[not found] ` <20150930140122.GB3285@gmail.com>
2015-09-30 18:04 ` Andy Lutomirski
[not found] ` <CALCETrVMV2_3ywQ_t+0rsqzxMm6D9PvDEmOdrie67rRzfj-W_Q@mail.gmail.com>
2015-10-01 7:15 ` Ingo Molnar
[not found] ` <20151001071505.GA21542@gmail.com>
2016-03-11 16:48 ` Andy Lutomirski
[not found] ` <CALCETrUFakwGL9zpj9TwKX9KbG9czq8fpEViU3nWaCvnpGurew@mail.gmail.com>
2016-03-12 16:02 ` Ingo Molnar
2015-09-30 18:32 ` H. Peter Anvin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='130a3b7ef4788baae3a6fe71293ab17442bc9a0a.1442793572.git.luto__10673.6438502141$1442793884$gmane$org@kernel.org' \
--to=luto@kernel.org \
--cc=Xen-devel@lists.xen.org \
--cc=akpm@linux-foundation.org \
--cc=arjan@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).