From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0CF2BC48260 for ; Thu, 8 Feb 2024 06:21:19 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9B7A56B0098; Thu, 8 Feb 2024 01:21:18 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 967B26B0099; Thu, 8 Feb 2024 01:21:18 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8574B6B009A; Thu, 8 Feb 2024 01:21:18 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 7573A6B0098 for ; Thu, 8 Feb 2024 01:21:18 -0500 (EST) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 2C11CC075F for ; Thu, 8 Feb 2024 06:21:18 +0000 (UTC) X-FDA: 81767639436.19.EA9D862 Received: from szxga04-in.huawei.com (szxga04-in.huawei.com [45.249.212.190]) by imf14.hostedemail.com (Postfix) with ESMTP id EACB1100013 for ; Thu, 8 Feb 2024 06:21:13 +0000 (UTC) Authentication-Results: imf14.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf14.hostedemail.com: domain of tongtiangen@huawei.com designates 45.249.212.190 as permitted sender) smtp.mailfrom=tongtiangen@huawei.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1707373276; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EfvgUZLtEoSRvrJ6m+9kuESyY4VZjslyJTpauHionlA=; b=dT/pYghmuN2r+sKsnvw1uMc/+iUyrRnvpPO/GePvC/xzbgsJScwJby4zQtK22VCimmQzvA NMjUKuFnUXo5HHy6yzPSl32DT2+AkyYotP02vsKheSVZ0S9t1SJVil+F9BWCgM+AsshzvP vQw4ErjTbLYtIHrxiCNMG+OFwYycTrE= ARC-Authentication-Results: i=1; imf14.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf14.hostedemail.com: domain of tongtiangen@huawei.com designates 45.249.212.190 as permitted sender) smtp.mailfrom=tongtiangen@huawei.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1707373276; a=rsa-sha256; cv=none; b=W5ZROjuWvdRL7Nm1jXXLCpJXTew1R1tIZkGKsUTa+NDHk3emlE/d6oDAR5mgyN+uSPKifB SamzC/FMRUVgChCbeLmklZdPSLd9Fn4v8hD5wsOzObOyYdGRWq91wWoNHyx+D94bvp+oji 1rTwuaoWQlhu2yM2d0YmXH8/RN3XH+8= Received: from mail.maildlp.com (unknown [172.19.88.163]) by szxga04-in.huawei.com (SkyGuard) with ESMTP id 4TVmz21yp8z29lKN; Thu, 8 Feb 2024 14:19:10 +0800 (CST) Received: from kwepemm600017.china.huawei.com (unknown [7.193.23.234]) by mail.maildlp.com (Postfix) with ESMTPS id 901C3180060; Thu, 8 Feb 2024 14:21:07 +0800 (CST) Received: from [10.174.179.234] (10.174.179.234) by kwepemm600017.china.huawei.com (7.193.23.234) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 8 Feb 2024 14:21:06 +0800 Message-ID: <34957b85-717a-055b-6b9b-5af16e57c31f@huawei.com> Date: Thu, 8 Feb 2024 14:21:05 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.8.0 Subject: Re: [PATCH -next v5 2/3] x86/mce: set MCE_IN_KERNEL_COPYIN for DEFAULT_MCE_SAFE exception To: Borislav Petkov CC: Thomas Gleixner , Ingo Molnar , , Dave Hansen , , "H. Peter Anvin" , Tony Luck , Andy Lutomirski , Peter Zijlstra , Andrew Morton , Naoya Horiguchi , , , , Guohanjun References: <20240204082627.3892816-1-tongtiangen@huawei.com> <20240204082627.3892816-3-tongtiangen@huawei.com> <20240207122942.GRZcN3tqWkV-WE-pak@fat_crate.local> From: Tong Tiangen In-Reply-To: <20240207122942.GRZcN3tqWkV-WE-pak@fat_crate.local> Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit X-Originating-IP: [10.174.179.234] X-ClientProxiedBy: dggems701-chm.china.huawei.com (10.3.19.178) To kwepemm600017.china.huawei.com (7.193.23.234) X-Rspamd-Queue-Id: EACB1100013 X-Rspam-User: X-Rspamd-Server: rspam04 X-Stat-Signature: w87p4fchcmyom8dg14qzyan36skjimyo X-HE-Tag: 1707373273-777812 X-HE-Meta: U2FsdGVkX1+0a7xYgCBBAmHMoiLDbHbdmGSIzToSv3gjmW3bo7dhqCeQaHDKiG7h1Vl6Sh8CMCJKMXH39h4wFIliief0jmQH4yy5lz2ajYXx1XtewrhWgK0e/LtCBPg3pYedrhrb0XlUOT+f4WjPun/gjqAkB5khjW5g1Tn/GWfSKxkToCjixzO+VLQ+XeHtiE7r7LVJklz5Dw/87/s6TIcRQksF3AxWJZLpUlS1+TgNiP6+BLXBZ6TPiqjDYV+fGnvDDnsaHOJZSYF1BuxxADzgwp0zeuTI5LUsPDxo+FVLF3a+WWdOEHJWTLAZ2ccW63sj8liXki/k/8uK8sQ9dTZPJueuLh66mNOgZ8rqw/7amYK1RbtdqnVGBoWcnaBE+xa0qj6bmIsmD/Smx9WCGivbFgouO1sVT61HAgUcNSq2pbVDJsklYk/hje8oylf1W/2NjrJwCyFhBQI1EoIc4tqL4cKH46PktJpwqG+JxN9hpEHec5wfx40fI3o1HQGDtPoyRo8Qth413Fz36wQZjSXg43BE4TvlfaHhC/ZKg0E3/T8NYNdeHcxeEOk63fgLncjOt78bww+cVx2tCKFNVTGZ2TdM0ZKcfYoH/JaowqN+l/ZzyWW/U06DtQAv5k+wr0rBHjQ7bjxG7SigmM599THJcsQLd5AgHMvi7gMyECjDHKbo7r2gOERBHUZwKMBVveXvoUl5cE1ijYQ0bksyFLhq6Ugyj0S/r+e7OucP7kSoyxCM5GUzDgypzJ2AUeRbaaGe2VYjFE0MQW8CL90Xr1pcBX4TFpZeqdsO9fN5EuQ5v6mln7KDSlIQ3EO5CCR2hVKXjXTLzoMzV+oo9aXq/c4CZskpde/XVc2hT4mujF7lm6qyTUC6u4IJh2XYQA9U/RWmtysLRlYd32k1SzAEx8l1MSqvXTcUr7K96UGETeMgSdS/C23LtbzzSTIoQGFb8J6K1zm7kCiI5b/0Ovj RHxNKfOg VHeg0C/Iwta8yyQsCRMmbt7FCTcJ87ist+IZmcnhc41rWH3iIrbeqbK/Me3cndWKVyeGql5XaATZ0OvzE1hPkFe3AslmPstPwc9MSJIr8/ZJ6Gy8aWK+lM6L1tgCoPDKKRAynjgZ/DntboBIILflD1zfkftxZ5OU+xbFhM1q9vrIWnjKX0ak0za7DOuC4HGRnC2LMkvIaCAr7Oqg= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: 在 2024/2/7 20:29, Borislav Petkov 写道: > On Sun, Feb 04, 2024 at 04:26:26PM +0800, Tong Tiangen wrote: >> diff --git a/arch/x86/kernel/cpu/mce/severity.c b/arch/x86/kernel/cpu/mce/severity.c >> index bca780fa5e57..b2cce1b6c96d 100644 >> --- a/arch/x86/kernel/cpu/mce/severity.c >> +++ b/arch/x86/kernel/cpu/mce/severity.c >> @@ -292,11 +292,11 @@ static noinstr int error_context(struct mce *m, struct pt_regs *regs) >> case EX_TYPE_UACCESS: >> if (!copy_user) >> return IN_KERNEL; >> + fallthrough; >> + case EX_TYPE_DEFAULT_MCE_SAFE: >> m->kflags |= MCE_IN_KERNEL_COPYIN; >> fallthrough; > > I knew something was still bugging me here and this is still wrong. > > Let's imagine this flow: > > copy_mc_to_user() - note *src is kernel memory > |-> copy_mc_enhanced_fast_string or copy_mc_fragile - it's the same thing > |-> -#MC, exception type EX_TYPE_DEFAULT_MCE_SAFE > |-> error_context(): > case EX_TYPE_DEFAULT_MCE_SAFE: > m->kflags |= MCE_IN_KERNEL_COPYIN; > > MCE_IN_KERNEL_COPYIN does kill_me_never(): > > pr_err("Kernel accessed poison in user space at %llx\n", p->mce_addr); > > but that's reading from kernel memory! > > IOW, I *think* that switch statement should be this: > > switch (fixup_type) { > case EX_TYPE_UACCESS: > case EX_TYPE_DEFAULT_MCE_SAFE: > if (!copy_user) > return IN_KERNEL; > > m->kflags |= MCE_IN_KERNEL_COPYIN; > fallthrough; > > case EX_TYPE_FAULT_MCE_SAFE: > m->kflags |= MCE_IN_KERNEL_RECOV; > return IN_KERNEL_RECOV; > > default: > return IN_KERNEL; > } > > Provided I'm not missing a case and provided is_copy_from_user() really > detects all cases properly. > > And then patch 3 is wrong because we only can handle "copy in" - not > just any copy. That makes sense. I'll check that point out later. Many thanks. Tong. > > Thx. >