
Re: [Xen-devel] [PATCH v2] xen/pv: Fix a boot up hang revealed by int3 self test


  • To: Zhenzhong Duan <zhenzhong.duan@xxxxxxxxxx>
  • From: Jan Beulich <JBeulich@xxxxxxxx>
  • Date: Mon, 15 Jul 2019 06:54:27 +0000
  • Accept-language: en-US
  • Cc: Juergen Gross <JGross@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "x86@xxxxxxxxxx" <x86@xxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, "srinivas.eeda@xxxxxxxxxx" <srinivas.eeda@xxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
  • Delivery-date: Mon, 15 Jul 2019 07:07:19 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 15.07.2019 07:05, Zhenzhong Duan wrote:
> 
> On 2019/7/12 22:06, Andrew Cooper wrote:
>> On 11/07/2019 03:15, Zhenzhong Duan wrote:
>>> Commit 7457c0da024b ("x86/alternatives: Add int3_emulate_call()
>>> selftest") is used to ensure there is a gap setup in exception stack
>>> which could be used for inserting call return address.
>>>
>>> This gap is missing in the XEN PV int3 exception entry path, so the panic
>>> below is triggered:
>>>
>>> [    0.772876] general protection fault: 0000 [#1] SMP NOPTI
>>> [    0.772886] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.2.0+ #11
>>> [    0.772893] RIP: e030:int3_magic+0x0/0x7
>>> [    0.772905] RSP: 3507:ffffffff82203e98 EFLAGS: 00000246
>>> [    0.773334] Call Trace:
>>> [    0.773334]  alternative_instructions+0x3d/0x12e
>>> [    0.773334]  check_bugs+0x7c9/0x887
>>> [    0.773334]  ? __get_locked_pte+0x178/0x1f0
>>> [    0.773334]  start_kernel+0x4ff/0x535
>>> [    0.773334]  ? set_init_arg+0x55/0x55
>>> [    0.773334]  xen_start_kernel+0x571/0x57a
>>>
>>> As the xenint3 and int3 entry code are the same except that xenint3 doesn't
>>> generate a gap, we can fix it by using int3 and dropping the useless xenint3.
>> For 64bit PV guests, Xen's ABI enters the kernel using SYSRET, with
>> %rcx/%r11 on the stack.
>>
>> To convert back to "normal" looking exceptions, the xen thunks do `pop
>> %rcx; pop %r11; jmp do_*`...
> I will add this to commit message.
>>
>>> diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
>>> index 0ea4831..35a66fc 100644
>>> --- a/arch/x86/entry/entry_64.S
>>> +++ b/arch/x86/entry/entry_64.S
>>> @@ -1176,7 +1176,6 @@ idtentry stack_segment        do_stack_segment    
>>> has_error_code=1
>>>   #ifdef CONFIG_XEN_PV
>>>   idtentry xennmi            do_nmi            has_error_code=0
>>>   idtentry xendebug        do_debug        has_error_code=0
>>> -idtentry xenint3        do_int3            has_error_code=0
>>>   #endif
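Review bot: In the `#ifdef CONFIG_XEN_PV` block, `idtentry xennmi` and `idtentry xendebug` are kept while `xenint3` is dropped, and nothing in the commit message or next to the remaining entries says why the same reasoning does not apply to them. A short comment above the two remaining entries, or a sentence in the commit message, stating what they still need that the native entries do not provide would settle the question for later readers. Only the entry_64.S removal is visible in this hunk, so the rest of the patch should be checked to confirm that every remaining reference to the xenint3 entry symbol is switched to int3 in the same commit.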
>> What is confusing is why there are 3 extra magic versions here.  At a
>> guess, I'd say something to do with IST settings (given the vectors),
>> but I don't see why #DB/#BP would need to be different in the first
>> place.  (NMI sure, but that is more to do with the crazy hoops needing
>> to be jumped through to keep native functioning safely.)
> 
> xenint3 will be removed in this patch safely as it doesn't use IST now.
> 
> But debug and nmi need paranoid_entry which will read MSR_GS_BASE to determine
> if swapgs is needed. I guess PV guest running in ring3 will #GP with
> swapgs?

Not only that (Xen could trap and emulate swapgs if that was needed) - 64-bit
PV kernel mode always gets entered with kernel GS base already set. Hence
finding out whether to switch the GS base is specifically not something that
any exception entry point would need to do (and it should actively try to
avoid it, for performance reasons).

Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
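
The gap discussed in this thread can be shown with a small stack model. This is an added example, not code from the patch or from the kernel. It assumes a stack of 64-bit words indexed downward, a five-word saved frame, and constructed marker values. The function name, the gap size and all constants are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Words saved on an exception, lowest address first (simplified model). */
enum { F_RIP, F_CS, F_RFLAGS, F_RSP, F_SS, FRAME_WORDS };

#define STACK_WORDS     32
#define INTERRUPTED_SP  24       /* constructed: word index of the stack top at the int3 */
#define MODEL_GAP_WORDS 6        /* constructed gap size for this model */
#define RETURN_ADDR     0x1005u  /* constructed return address for the emulated call */
#define CALL_TARGET     0x2000u  /* constructed call target */

/* Constructed marker values so that any overwrite is detectable. */
static const uint64_t saved[FRAME_WORDS] = {
    0x1000, 0xAAAA, 0xBBBB, INTERRUPTED_SP, 0xCCCC
};

/*
 * Build the saved frame for an int3 taken on the current stack, leaving
 * gap_words free words between the interrupted stack top and the frame,
 * then emulate a call by pushing a return address at the saved RSP.
 * gap_words == 0 models an entry path without the gap (xenint3 as
 * described in the thread); a non-zero value models an entry with it.
 * Returns 1 if CS, RFLAGS and SS survive the push, 0 if one was clobbered.
 */
int int3_emulate_call_model(size_t gap_words)
{
    uint64_t stack[STACK_WORDS] = {0};
    uint64_t *regs = &stack[INTERRUPTED_SP - gap_words - FRAME_WORDS];
    size_t i;

    for (i = 0; i < FRAME_WORDS; i++)
        regs[i] = saved[i];

    regs[F_RSP] -= 1;                   /* stack grows down by one word */
    stack[regs[F_RSP]] = RETURN_ADDR;   /* push the return address */
    regs[F_RIP] = CALL_TARGET;          /* resume execution in the callee */

    return regs[F_CS] == saved[F_CS] &&
           regs[F_RFLAGS] == saved[F_RFLAGS] &&
           regs[F_SS] == saved[F_SS] &&
           stack[INTERRUPTED_SP - 1] == RETURN_ADDR;
}

int main(void)
{
    printf("no gap:   frame intact = %d\n", int3_emulate_call_model(0));
    printf("with gap: frame intact = %d\n",
           int3_emulate_call_model(MODEL_GAP_WORDS));
    return 0;
}
```

Without a gap the pushed return address lands on the topmost saved word of the frame, so the state restored on exception return is no longer what was saved.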