similar to: Audit of NMI and MCE paths

Hello, While auditing the NMI/MCE paths, I have encountered some issues with recursive locking in Xen, discovered by the misuse of the console_lock intermittently as a regular lock and as a recursive lock. The comment in spinlock.h is unclear as to whether mixing recursive and non recursive calls on the same spinlock is valid. If the calls are genuinely not valid, then surely regular spinlocks

xen/arch/x86/crash.c | 116 ++++++++++++++++++++++++++++++++++----- xen/arch/x86/machine_kexec.c | 19 ++++++ xen/arch/x86/x86_64/entry.S | 34 +++++++++++ xen/include/asm-x86/desc.h | 45 +++++++++++++++ xen/include/asm-x86/processor.h | 4 + 5 files changed, 203 insertions(+), 15 deletions(-) Experimentally, certain crash kernels will triple fault very early

Hi Andy, On Mon, Apr 27, 2020 at 10:37:41AM -0700, Andy Lutomirski wrote: > 1. Use IST for #VC and deal with all the mess that entails. With the removal of IST shifting I wonder what you would suggest on how to best implement an NMI-safe IST handler with nesting support. My current plan is to implement an IST handler which switches itself off the IST stack as soon as possible, freeing it for

The self_nmi() code cause''s an NMI to be triggered by sending an APIC message to the local processor. However, NMIs are blocked by the VMEXIT, until the next iret or VMENTER. Volume 3 Chapter 27 Section 1 of the Intel SDM states: An NMI causes subsequent NMIs to be blocked, but only after the VM exit completes. As a result, as soon as the VMENTER happens, an immediate VMEXIT happens

Those two should always be delivered first imo. Signed-off-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/hvm/irq.c +++ b/xen/arch/x86/hvm/irq.c @@ -395,16 +395,16 @@ struct hvm_intack hvm_vcpu_has_pending_i struct hvm_domain *plat = &v->domain->arch.hvm_domain; int vector; - if ( (plat->irq.callback_via_type == HVMIRQ_callback_vector) -

I have an Intel e1000e NIC which I put into passthrough for an HVM domain under Xen 4.2. All the corresponding hardware protections are enabled on my system (DMA + Interrupt remapping), however, once in a while I get a SERR NMI in dom0 (NMI - PCI sys error (SERR) in xl dmesg). I am wondering about its exact reason. I am thinking in the following way: [+] Under Intel VT-x, interrupts are

On Tue, Jul 14, 2020 at 02:08:47PM +0200, Joerg Roedel wrote: > @@ -489,6 +490,9 @@ DEFINE_IDTENTRY_RAW(exc_nmi) > this_cpu_write(nmi_cr2, read_cr2()); > nmi_restart: > > + /* Needs to happen before DR7 is accessed */ > + sev_es_ist_enter(regs); > + > this_cpu_write(nmi_dr7, local_db_save()); > > nmi_enter(); > @@ -502,6 +506,8 @@

On Tue, Jul 14, 2020 at 02:08:47PM +0200, Joerg Roedel wrote: > @@ -489,6 +490,9 @@ DEFINE_IDTENTRY_RAW(exc_nmi) > this_cpu_write(nmi_cr2, read_cr2()); > nmi_restart: > > + /* Needs to happen before DR7 is accessed */ > + sev_es_ist_enter(regs); > + > this_cpu_write(nmi_dr7, local_db_save()); > > nmi_enter(); > @@ -502,6 +506,8 @@

Currently, Xen does not support injecting an NMI to HVM guest OS. Adding this feature is necessary for those softwares which depend on NMI to function correctly, such as KDB and oprofile. The attached patch allows NMI to be injected to guest OS in NMIP capable platforms. It also enables to queue an NMI and then inject it as soon as possible. Signed-off-by: Haitao Shan

On Sat, Apr 25, 2020 at 5:49 AM Joerg Roedel <jroedel at suse.de> wrote: > > Hi Dave, > > On Fri, Apr 24, 2020 at 03:53:09PM -0700, Dave Hansen wrote: > > Ahh, so any instruction that can have an instruction intercept set > > potentially needs to be able to tolerate a #VC? Those instruction > > intercepts are under the control of the (untrusted relative to the

On Sat, Apr 25, 2020 at 5:49 AM Joerg Roedel <jroedel at suse.de> wrote: > > Hi Dave, > > On Fri, Apr 24, 2020 at 03:53:09PM -0700, Dave Hansen wrote: > > Ahh, so any instruction that can have an instruction intercept set > > potentially needs to be able to tolerate a #VC? Those instruction > > intercepts are under the control of the (untrusted relative to the

On Tue, Feb 11, 2020 at 5:53 AM Joerg Roedel <joro at 8bytes.org> wrote: > > From: Joerg Roedel <jroedel at suse.de> > > Keep NMI state in SEV-ES code so the kernel can re-enable NMIs for the > vCPU when it reaches IRET. This patch is overcomplicated IMO. Just do the magic incantation in C from do_nmi or from here: /* * For ease of testing, unmask

# HG changeset patch # User Ian Campbell <ian.campbell@citrix.com> # Date 1332754018 -3600 # Node ID b3fc067f938da14fd8b0dce7b00c4876bbf99e8b # Parent d8e15dc99bf307bd0ae0b042f1d50409b9f26386 docs: wrap misc/xen-command-line.markdown to 80 columns Makes it more readable as a text document. Signed-off-by: Ian Campbell <ian.campbell@citrix.com> diff -r d8e15dc99bf3 -r b3fc067f938d

On Sat, Apr 25, 2020 at 1:23 PM Joerg Roedel <joro at 8bytes.org> wrote: > > On Sat, Apr 25, 2020 at 12:47:31PM -0700, Andy Lutomirski wrote: > > I assume the race you mean is: > > > > #VC > > Immediate NMI before IST gets shifted > > #VC > > > > Kaboom. > > > > How are you dealing with this? Ultimately, I think that NMI will need

Hello, I have the same error, server is auto rebooted during every boot with kernel XEN, HS20 with Debian Wheezy and XEN hang on and AMM managment show same errors described in previous mails. With Debian wheezy wit non-xen kernel boots correcte, it seems that problems is with xen kernel Same Server HS20 with Debian Lenny+ XEN 3.2 or Debian Squeeze+XEN 4.0 working perfect Upgraded to Debian

On Tue, Jun 23, 2020 at 04:59:14PM +0200, Joerg Roedel wrote: > On Tue, Jun 23, 2020 at 04:53:44PM +0200, Peter Zijlstra wrote: > > +noinstr void idtentry_validate_ist(struct pt_regs *regs) > > +{ > > + if ((regs->sp & ~(EXCEPTION_STKSZ-1)) == > > + (_RET_IP_ & ~(EXCEPTION_STKSZ-1))) > > + die("IST stack recursion", regs, 0); > > +}

> On Apr 25, 2020, at 12:10 PM, Joerg Roedel <joro at 8bytes.org> wrote: > > ?On Sat, Apr 25, 2020 at 11:15:35AM -0700, Andy Lutomirski wrote: >> shift_ist is gross. What's it for? If it's not needed, I'd rather >> not use it, and I eventually want to get rid of it for #DB as well. > > The #VC handler needs to be able to nest, there is no way around

> On Apr 25, 2020, at 12:10 PM, Joerg Roedel <joro at 8bytes.org> wrote: > > ?On Sat, Apr 25, 2020 at 11:15:35AM -0700, Andy Lutomirski wrote: >> shift_ist is gross. What's it for? If it's not needed, I'd rather >> not use it, and I eventually want to get rid of it for #DB as well. > > The #VC handler needs to be able to nest, there is no way around

I have read thru what other users have tried in this list when they have experienced seemingly similar issues to what I have, without success. I suspect there might be an issue regarding both the X100P and TDM04b cards being used in an Intel SE7525GP2 motherboard, as I had to even wait for a BIOS update from Intel in order to utilize my 3ware 9500 SATA raid controller on it (3ware Kb -->

On Tue, Jun 23, 2020 at 03:03:22PM +0200, Peter Zijlstra wrote: > On Tue, Jun 23, 2020 at 02:12:37PM +0200, Joerg Roedel wrote: > > On Tue, Jun 23, 2020 at 01:50:14PM +0200, Peter Zijlstra wrote: > > > If SNP is the sole reason #VC needs to be IST, then I'd strongly urge > > > you to only make it IST if/when you try and make SNP happen, not before. > > >