On 2024/2/1 22:20, Borislav Petkov wrote:
On Thu, Feb 01, 2024 at 07:37:25PM +0800, Tong Tiangen wrote:
On 2024/1/31 15:02, Borislav Petkov wrote:
On Thu, Jan 11, 2024 at 09:55:47PM +0800, Tong Tiangen wrote:
Currently, there are some kernel memory copy scenarios that are also mc safe
which use copy_mc_to_kernel() or copy_mc_user_highpage().
Both of those end up in copy_mc_enhanced_fast_string() which does
EX_TYPE_DEFAULT_MCE_SAFE.
OK, how about this commit msg change? :)
Currently, there are some kernel memory copy scenarios that are also mc safe
which use copy_mc_to_kernel() or copy_mc_user_highpage(), **both of those
end up in copy_mc_enhanced_fast_string() or copy_mc_fragile() which does
EX_TYPE_DEFAULT_MCE_SAFE.**
In these scenarios, poison pages need to be isolated too. Therefore, a
macro similar to MCE_IN_KERNEL_COPYIN is required. For this reason, we
can rename MCE_IN_KERNEL_COPYIN to MCE_IN_KERNEL_COPY_MC, the new macro
can be applied to both user-to-kernel mc safe copy and kernel-to-kernel
mc safe copy.
Maybe my question wasn't clear: why is that renaming churn needed at
all? What are you "fixing" here?
What is the problem that you're encountering which needs fixing?
This patch is a prepare patch and the next patch is a fix patch, the
complete logic of the two patches is as follows:
The problem I'm encountering:
-------------------------------
In the x86 mce processing, error_context() sets the macro
MCE_IN_KERNEL_COPYIN to identify copy from user (user-to-kernel copy) for
fixup_type EX_TYPE_UACCESS.
Then do_machine_check() uses macro MCE_IN_KERNEL_COPYIN to isolate
poison page in memory_failure().
Currently, there are some kernel memory copy scenarios that are also mc safe
which use copy_mc_to_kernel() or copy_mc_user_highpage(), these
kernel-to-kernel copies use fixup_type EX_TYPE_DEFAULT_MCE_SAFE. In these
scenarios, poison pages need to be isolated too and the current
implementation is to actively call memory_failure_queue() when the copy
fails.
Calling memory_failure_queue() separately is not a good implementation,
calling it uniformly in do_machine_check() is more reasonable.
Solution:
----------
A macro similar to MCE_IN_KERNEL_COPYIN is required, so we can rename
MCE_IN_KERNEL_COPYIN to MCE_IN_KERNEL_COPY_MC, the new macro can be
applied to both user-to-kernel mc safe copy and kernel-to-kernel mc safe
copy, in error_context(), we can set MCE_IN_KERNEL_COPY_MC for both
fixup_type EX_TYPE_UACCESS and EX_TYPE_DEFAULT_MCE_SAFE.
Do you think it's clear to say so and then we can merge the two patches
to make the complete logic clearer in commit msg?
Many thanks.
Tong.
Thx.