From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D25B5C4828F for ; Wed, 7 Feb 2024 12:30:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 555466B0074; Wed, 7 Feb 2024 07:30:14 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 4DE866B0075; Wed, 7 Feb 2024 07:30:14 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3A5D96B0078; Wed, 7 Feb 2024 07:30:14 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 24AE96B0074 for ; Wed, 7 Feb 2024 07:30:14 -0500 (EST) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id BDDDC1A05E3 for ; Wed, 7 Feb 2024 12:30:13 +0000 (UTC) X-FDA: 81764940306.29.B4C4581 Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) by imf14.hostedemail.com (Postfix) with ESMTP id 8C67B100034 for ; Wed, 7 Feb 2024 12:30:10 +0000 (UTC) Authentication-Results: imf14.hostedemail.com; dkim=pass header.d=alien8.de header.s=alien8 header.b="Dc/tUaMI"; dmarc=pass (policy=none) header.from=alien8.de; spf=pass (imf14.hostedemail.com: domain of bp@alien8.de designates 65.109.113.108 as permitted sender) smtp.mailfrom=bp@alien8.de ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1707309011; a=rsa-sha256; cv=none; b=KgU2n0jAorMR4fcrCP9G3kMiZIuuJuWomP69ywALTU2YTtit7vxbEjia2fjDDqVNJwPyrt mAotHJoYv4J7TxN0VDKIlG8lc9j8un4jc4rx1g3xuPFb+shcWsdODZUXn3bVnKl9BTOY2A xLmtCCJn23a2QyWpQcxTB0JsK5UXOEg= ARC-Authentication-Results: i=1; imf14.hostedemail.com; dkim=pass header.d=alien8.de header.s=alien8 header.b="Dc/tUaMI"; dmarc=pass (policy=none) header.from=alien8.de; spf=pass (imf14.hostedemail.com: domain of bp@alien8.de designates 65.109.113.108 as permitted sender) smtp.mailfrom=bp@alien8.de ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1707309011; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=neMQamQmFqij5v0x/QfM0vgH5KoHFOe0tPCa7WZMvKc=; b=bzAls6uJ8rRJCT7Tr1X/l33oEJfXoMlV9xqNp3tZ0RsVKB/RsHO/PqryLasz+fL1l0pczp D210vCA3Ch8M9smuC7lwjtqOcDizNjpbPUfuuYRsC6Ta1CXC3AySzFLTIxa3NpwfiRnyFU JCxTnz6nQW6A/zNjCEy9QCRKwQ89C2A= Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id 4F5FF40E01F7; Wed, 7 Feb 2024 12:30:06 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id gZmVZCS8ja_O; Wed, 7 Feb 2024 12:30:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1707309004; bh=neMQamQmFqij5v0x/QfM0vgH5KoHFOe0tPCa7WZMvKc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Dc/tUaMIs8BJJUfjfyuOd0jAsrzUmCNX7vTfH8INBqThEFBdRfp5f5FcU0nCscJxH ciR/3tvkZUGI5BWmwxEc/K+uShPxQ1U8pwyVn5LSGjEivfTjNvv6c7QOMozVhPziGc zR5+UOUkPQemarw5nTASgLR2JuIBf7on3fcZUyFVrBJNffgNHceVAN6pcfnofgcZ1d 3ch7oPx5Qh9qEIHLbTJcKVJoO4ZXXqIKOgjhk0nsiryImy9mUnDJNgFCwmnL47XiBJ kTnlUYyS6++th3sY3V6XMzp2hy7qaloJw1l5ttaD1PdhaFrRfA80a6l0bJwsQXwrKi 7d5VTwmh5bn4GNqA+YZ/mmKPFvVaLxjtzy7rEBcQreSXBRYgbitCE2cGvUnsxz6N/e 1RPD48m+EJWxpGdzphhMrMDme0Zq4drsSweBQpe9+n5LsBISgcN6SYw6/T8gWiWnr9 TM+x5zL43AjvXCDV5T8Ygl2lBvImHEyquGayu91mRWEHu1ZCxdY6k2z+Vnark5yAI5 u/B/iWVCE9BxvNREe+g+TejekTIGYHSMFbGfe8hEqsB7S9cbAO5nSVEnom+MZIpHlF NQ+U9RzjChZNdOiT/2BoQ5ZxCoUxNPaNLCF+nfPOe1xE+TQnlzU5ezMtF9Ujz/+mGC RaSl75FL3SvjkWhxJlkYDvbU= Received: from zn.tnic (pd953021b.dip0.t-ipconnect.de [217.83.2.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id AB74B40E016D; Wed, 7 Feb 2024 12:29:47 +0000 (UTC) Date: Wed, 7 Feb 2024 13:29:42 +0100 From: Borislav Petkov To: Tong Tiangen Cc: Thomas Gleixner , Ingo Molnar , wangkefeng.wang@huawei.com, Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Tony Luck , Andy Lutomirski , Peter Zijlstra , Andrew Morton , Naoya Horiguchi , linux-kernel@vger.kernel.org, linux-edac@vger.kernel.org, linux-mm@kvack.org, Guohanjun Subject: Re: [PATCH -next v5 2/3] x86/mce: set MCE_IN_KERNEL_COPYIN for DEFAULT_MCE_SAFE exception Message-ID: <20240207122942.GRZcN3tqWkV-WE-pak@fat_crate.local> References: <20240204082627.3892816-1-tongtiangen@huawei.com> <20240204082627.3892816-3-tongtiangen@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20240204082627.3892816-3-tongtiangen@huawei.com> X-Rspam-User: X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 8C67B100034 X-Stat-Signature: 1iuf1f1p7fim9sf4kwkqp61gywee1tyh X-HE-Tag: 1707309010-508512 X-HE-Meta: U2FsdGVkX19YWJdFJmT/rTX33UNlo8e12ONTyH4CYV1QNA8uDmkgNDYCbv7GQJNJPbokibKTeSvI+CXddVkzkLivOeloZJYajdGGZJWd3UYD8Iswqh9g3T0YnFppZrXZkM75+gOCKXE8KSxc+3m370/dDiF1FcczI+V4BuUSkVBuG9ZXfzEquGbDNGTkKHQQnxHGaEZ8Grypb1cttpYGNAEtHRQLtDQuCzpolBSj01R9tmQSo6m5h65rNCVzvWuo+9MX1xQqtNtrJ5m679jB9205nb4fsY32VJ2aYmbdKFOzus2G+a80T+0AwrvvksUnTXCW3WlmX0hoDnPxUG+4NRed7DHCVPeDuixhZlj90uoLnfsC6RCEli8bkWl9gjgzNN0/37uNvgBFwxRXG8GmyiigtjqHRn0TLaDNTlgt4nGNKU635GfwQL5BXBla+qh+TWvLWbx6P/wom+eKrDbLRpfyLxXlrppG/wrQQeiTlQ3WCprcVUcEDONfPEUM/RazN9xNdpKsXjZO2DWo0l6bGEQWvpGU9CUSlXrDvqGbUniuij/4JXwLG2khllpK1n+t0jw5c2PFlydGNBkVf8SwuXDj6MBsp852vUP9xzSZ54o3JIzU0cNPk5N5SxpG7ifDy4l9EHJRXbdo/WMlQzd/9DxqE8YbT7hanViXg3CKYPH7hSZg5AGvReKjdqj6ATHJLTjpMXH9TWvL+pcXuo5gfdcUHUUpF68gjODbkpUBx4aKtaEOA1orOolJdMm96wtDZWt+bKHEkevW5M5r7NCUIWf4qmTF591xzSoEL2iKG0wA81FPVspMlezy07R/3WuqYhUowbRHcuUQu5lbWNhv4dfpV3aYJtnkmsH29q+BpgizndhqojW4SpbLgxCo+PeFW7okNzDdPZbnh0e6GiUDd1SL1gPm0wGuvSBpGm9XCN8esXKCsM9xIB5qbXv9Smil53Gn13Zj7bfNa2b+VPg ax+Iytca y1utXvv/beygEcP1rDh7/lUqkABoQQhRJgrPhGAEAMjyoOeDu4d9E4cz2qq9bpFpR/st8ChGtUP0PWHRQ2WL6Dp8kT7MzUDpemoNpJZcCVNx3kD1OzlJsaYvhUARo7+VCMGxKSC3/wh9F0M2AUdYsR0w56l9eZPbv/hb87eDDkrOCpSrnDPEoD4M14kbnUVQXFFNJAZIDn6DuANxxME+nyqsBbLHK0LrjIL2oghDnmG9owJT5r9hAlrdjdw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Sun, Feb 04, 2024 at 04:26:26PM +0800, Tong Tiangen wrote: > diff --git a/arch/x86/kernel/cpu/mce/severity.c b/arch/x86/kernel/cpu/mce/severity.c > index bca780fa5e57..b2cce1b6c96d 100644 > --- a/arch/x86/kernel/cpu/mce/severity.c > +++ b/arch/x86/kernel/cpu/mce/severity.c > @@ -292,11 +292,11 @@ static noinstr int error_context(struct mce *m, struct pt_regs *regs) > case EX_TYPE_UACCESS: > if (!copy_user) > return IN_KERNEL; > + fallthrough; > + case EX_TYPE_DEFAULT_MCE_SAFE: > m->kflags |= MCE_IN_KERNEL_COPYIN; > fallthrough; I knew something was still bugging me here and this is still wrong. Let's imagine this flow: copy_mc_to_user() - note *src is kernel memory |-> copy_mc_enhanced_fast_string or copy_mc_fragile - it's the same thing |-> -#MC, exception type EX_TYPE_DEFAULT_MCE_SAFE |-> error_context(): case EX_TYPE_DEFAULT_MCE_SAFE: m->kflags |= MCE_IN_KERNEL_COPYIN; MCE_IN_KERNEL_COPYIN does kill_me_never(): pr_err("Kernel accessed poison in user space at %llx\n", p->mce_addr); but that's reading from kernel memory! IOW, I *think* that switch statement should be this: switch (fixup_type) { case EX_TYPE_UACCESS: case EX_TYPE_DEFAULT_MCE_SAFE: if (!copy_user) return IN_KERNEL; m->kflags |= MCE_IN_KERNEL_COPYIN; fallthrough; case EX_TYPE_FAULT_MCE_SAFE: m->kflags |= MCE_IN_KERNEL_RECOV; return IN_KERNEL_RECOV; default: return IN_KERNEL; } Provided I'm not missing a case and provided is_copy_from_user() really detects all cases properly. And then patch 3 is wrong because we only can handle "copy in" - not just any copy. Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette