(catching up with old threads)

On Mon, Dec 09, 2024 at 10:42:54AM +0800, Tong Tiangen wrote:
> For the arm64 kernel, when it processes hardware memory errors for
> synchronize notifications (do_sea()), if the error is consumed within the
> kernel, the current processing is panic. However, it is not optimal.
>
> Take copy_from/to_user for example, if ld* triggers a memory error, even in
> kernel mode, only the associated process is affected. Killing the user
> process and isolating the corrupt page is a better choice.

I agree that killing the user process and isolating the page is a better
choice but I don't see how the latter happens after this patch. Which
page would be isolated?

> Add new fixup type EX_TYPE_KACCESS_ERR_ZERO_MEM_ERR to identify insn
> that can recover from memory errors triggered by access to kernel memory,
> and this fixup type is used in __arch_copy_to_user(). This makes the regular
> copy_to_user() handle kernel memory errors.

Is the assumption that the error on accessing kernel memory is
transient? There's no way to isolate the kernel page and also no point
in isolating the destination page either.

--
Catalin