Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S936135AbdCXPRe (ORCPT ); Fri, 24 Mar 2017 11:17:34 -0400 Received: from foss.arm.com ([217.140.101.70]:43030 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934613AbdCXPRQ (ORCPT ); Fri, 24 Mar 2017 11:17:16 -0400 Date: Fri, 24 Mar 2017 15:16:54 +0000 From: Mark Rutland To: Doug Berger Cc: catalin.marinas@arm.com, robh+dt@kernel.org, will.deacon@arm.com, computersforpeace@gmail.com, gregory.0xf0@gmail.com, f.fainelli@gmail.com, bcm-kernel-feedback-list@broadcom.com, wangkefeng.wang@huawei.com, james.morse@arm.com, vladimir.murzin@arm.com, panand@redhat.com, andre.przywara@arm.com, cmetcalf@mellanox.com, mingo@kernel.org, sandeepa.s.prabhu@gmail.com, shijie.huang@arm.com, linus.walleij@linaro.org, treding@nvidia.com, jonathanh@nvidia.com, olof@lixom.net, mirza.krak@gmail.com, suzuki.poulose@arm.com, bgolaszewski@baylibre.com, horms+renesas@verge.net.au, devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org Subject: Re: [PATCH 3/9] arm64: mm: install SError abort handler Message-ID: <20170324151654.GD29588@leverpostej> References: <20170324144632.5896-1-opendmb@gmail.com> <20170324144632.5896-4-opendmb@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170324144632.5896-4-opendmb@gmail.com> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2199 Lines: 71 On Fri, Mar 24, 2017 at 07:46:26AM -0700, Doug Berger wrote: > This commit adds support for minimal handling of SError aborts and > allows them to be hooked by a driver or other part of the kernel to > install a custom SError abort handler. The hook function returns > the previously registered handler so that handlers may be chained if > desired. > > The handler should return the value 0 if the error has been handled, > otherwise the handler should either call the next handler in the > chain or return a non-zero value. ... so the order these get calls is completely dependent on probe order... > Since the Instruction Specific Syndrome value for SError aborts is > implementation specific the registerred handlers must implement > their own parsing of the syndrome. ... and drivers have to be intimately familiar with the CPU, in order to be able to parse its IMPLEMENTATION DEFINED ESR_ELx.ISS value. Even then, there's no guarantee there's anything useful there, since it is IMPLEMENTATION DEFINED and could simply be RES0 or UNKNOWN in all cases. I do not think it is a good idea to allow arbitrary drivers to hook this fault in this manner. > + .align 6 > +el0_error: > + kernel_entry 0 > +el0_error_naked: > + mrs x25, esr_el1 // read the syndrome register > + lsr x24, x25, #ESR_ELx_EC_SHIFT // exception class > + cmp x24, #ESR_ELx_EC_SERROR // SError exception in EL0 > + b.ne el0_error_inv > +el0_serr: > + mrs x26, far_el1 > + // enable interrupts before calling the main handler > + enable_dbg_and_irq ... why? We don't do this for inv_entry today. > + ct_user_exit > + bic x0, x26, #(0xff << 56) > + mov x1, x25 > + mov x2, sp > + bl do_serr_abort > + b ret_to_user > +el0_error_inv: > + enable_dbg > + mov x0, sp > + mov x1, #BAD_ERROR > + mov x2, x25 > + b bad_mode > +ENDPROC(el0_error) Clearly you expect these to be delivered at arbitrary times during execution. What if a KVM guest is executing at the time the SError is delivered? To be quite frank, I don't believe that we can reliably and safely handle this misfeature in the kernel, and this infrastructure only provides the illusion that we can. I do not think it makes sense to do this. Thanks, Mark.