Received: by 10.223.185.116 with SMTP id b49csp3266657wrg;
        Mon, 12 Feb 2018 23:45:17 -0800 (PST)
X-Google-Smtp-Source: AH8x227kF5OnCS0JVjBKuu/qgVn1LwOwSQPPid9NkPjfn8GpKi9kF09mpijK5WZv1RS6UCxamVgC
X-Received: by 2002:a17:902:8b8a:: with SMTP id ay10-v6mr315855plb.156.1518507917755;
        Mon, 12 Feb 2018 23:45:17 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1518507917; cv=none;
        d=google.com; s=arc-20160816;
        b=setp1p8qDEJIKqptR6f3nlgy9QCey6EBuXdvV9RsxHivWQGSrwX4PzVCceWmMhaYt2
         Xce+XU5QbdzpqBiIIWU5oynqo4cc7oDZPQxThY2+NKzPDGe3Pofi64h/O+4HBTqtSZqk
         A6RtwLImq3ZtXgMrOa6UdZkCBPCXr2x0Zidc1Rm/6KhYfuEVkXnzuBAfmQ6WfpTkaPZF
         KZK78hmNz3W/rIDIhU9D2zGS5HDZeFIXpaRIzK9CUKqbDZJIOV+ZPUPiKtStjgvmwxLi
         eQ7bYsqGm3BAKXK1bUc2JVe3Pf0HOasIWN0pEiQCmWRFQOs/L71hOkhYHBBVXbvQKfJc
         kjgQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=Fnsf9JVmldCwj17/T4Pm7vjcPfvBPFDi+GFZhD6kX/w=;
        b=AC0J8RQt+UyaUbOQvp0EFz/KHnyoZRHMG97UKBpVaOUgMc1YV3EoYRFP+2C3OhALZD
         sMJKdcWh8y+suYvoRdOU5KEfosv04hcke8zk857Ud6oRyLW4H69N0LDARTPnUlr86S+/
         zBY4t0WQWcFDJbFyT5k8vh38mWltKR+zQTcIMLV+dj6Z96XxISqY9wjgb5XTs4m7HrHJ
         CLt5XWt+UOpF52fY28EeURRijMslCYvxIHj2NfD4YL0eKPb6ATPqgrvDlnjL1eF62snL
         sDrLVu9nbelLVOtL97hB5Q+YF3R5VC79NE8kr6OscsldDDyyhtcmpLfxru4vQLckHxaW
         E/Lg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q2-v6si6891661plh.764.2018.02.12.23.45.02;
        Mon, 12 Feb 2018 23:45:17 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S933624AbeBMHoA (ORCPT <rfc822;gklkml16@gmail.com> + 99 others);
        Tue, 13 Feb 2018 02:44:00 -0500
Received: from mx3-rdu2.redhat.com ([66.187.233.73]:41326 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S933463AbeBMHn7 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 13 Feb 2018 02:43:59 -0500
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mx1.redhat.com (Postfix) with ESMTPS id 4B8D9404084B;
        Tue, 13 Feb 2018 07:43:59 +0000 (UTC)
Received: from localhost (ovpn-8-17.pek2.redhat.com [10.72.8.17])
        by smtp.corp.redhat.com (Postfix) with ESMTPS id 5827FAE7CC;
        Tue, 13 Feb 2018 07:43:57 +0000 (UTC)
Date:   Tue, 13 Feb 2018 15:43:55 +0800
From:   Baoquan He <bhe@redhat.com>
To:     "Eric W. Biederman" <ebiederm@xmission.com>
Cc:     linux-kernel@vger.kernel.org, mingo@kernel.org, tglx@linutronix.de,
        x86@kernel.org, douly.fnst@cn.fujitsu.com, joro@8bytes.org,
        uobergfe@redhat.com, prarit@redhat.com
Subject: Re: [PATCH v3 2/5] x86/apic: Fix restoring boot irq mode in reboot
 and kexec/kdump
Message-ID: <20180213074355.GD13253@localhost.localdomain>
References: <20180209121008.28980-1-bhe@redhat.com>
 <20180209121008.28980-3-bhe@redhat.com>
 <87r2pq9a60.fsf@xmission.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <87r2pq9a60.fsf@xmission.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 13 Feb 2018 07:43:59 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 13 Feb 2018 07:43:59 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'bhe@redhat.com' RCPT:''
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Eric,

On 02/11/18 at 09:08pm, Eric W. Biederman wrote:
> Baoquan He <bhe@redhat.com> writes:
> 
> > This is a regression fix.
> >
> > Before, to fix erratum AVR31, commit 522e66464467 ("x86/apic: Disable
> > I/O APIC before shutdown of the local APIC") moved lapic_shutdown()
> > calling after disable_IO_APIC(). This introdued a regression. The
> > root cause is that disable_IO_APIC() not only clears IO_APIC, also
> > restore boot irq mode by setting LAPIC/APIC/IMCR, lapic_shutdown()
> > after disable_IO_APIC() will disable LAPIC and ruin the possible
> > virtual wire mode setting which the code has been trying to do all
> > along.
> > To fix this, just break down disable_IO_APIC(), then call
> > clear_IO_APIC() to stop IO_APIC where disable_IO_APIC() was called,
> > and call restore_boot_irq_mode() to restore boot irq mode before
> > reboot or kexec/kdump jump.
> 
> Two things here.
> a) This is missing a fixes tag and a CC stable.
> b) What makes your change to the KEXEC_JUMP code path safe?
>    Have the lapic and ioapic already been shut down?
> 
> The KEXEC_JUMP changes to machine_kexec_32.c and machine_kexec_64.c
> either need to be documented in the change long why they are safe
> so that this change becomes obviously safe and correct.

Re-read the code, I have to admit I didn't check the KEXEC_JUMP code
path carefully. 

kernel_kexec() {
	if (kexec_image->preserve_context) {
		...
		freeze_processes();
		...
		disable_nonboot_cpus();
		...
		
	else {
		...
		machine_shutdown();
		...
	}
	machine_kexec(kexec_image);
	...
}

  --machine_shutdown()
    --native_machine_shutdown()
      --disable_IO_APIC()
      --lapic_shutdown()

machine_kexec() {
	...
	if (image->preserve_context) {
		disable_IO_APIC();
	}
	...
}

KEXEC_JUMP code path is different than kexec/kdump, it doesn't call
lapic_shutdown() before jump. So commit 522e66464467
("x86/apic: Disable I/O APIC before shutdown of the local APIC") didn't
impact it. And here I break down disable_IO_APIC() and change to only
call restore_boot_irq_mode() to make a possible danger. I am not an
expert on KEXEC_JUMP, and don't know how to test it, so will keep the
code implementation consistent as before. For now, I plan to change it
as below if you don't object. As you pointed out, I will describe this
in patch log. 

diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
index 1f790cf9d38f..cb0c2d0a4c99 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -297,7 +297,7 @@ void machine_kexec(struct kimage *image)
                 * one form or other. kexec jump path also need
                 * one.
                 */
-               disable_IO_APIC();
+		clear_IO_APIC();
+               restore_boot_irq_mode();
 #endif
        }




> 
> Otherwise we risk and trivial and obvious looking change causing another
> regression like changing the order of lapic_shutdown and disable_IOAPIC
> did.
> 
> Eric
> 
> 
> >
> > Signed-off-by: Baoquan He <bhe@redhat.com>
> > ---
> >  arch/x86/include/asm/io_apic.h     | 1 +
> >  arch/x86/kernel/apic/io_apic.c     | 2 +-
> >  arch/x86/kernel/crash.c            | 3 ++-
> >  arch/x86/kernel/machine_kexec_32.c | 2 +-
> >  arch/x86/kernel/machine_kexec_64.c | 2 +-
> >  arch/x86/kernel/reboot.c           | 3 ++-
> >  6 files changed, 8 insertions(+), 5 deletions(-)
> >
> > diff --git a/arch/x86/include/asm/io_apic.h b/arch/x86/include/asm/io_apic.h
> > index 558d1a6a13ad..0fa95bfacb39 100644
> > --- a/arch/x86/include/asm/io_apic.h
> > +++ b/arch/x86/include/asm/io_apic.h
> > @@ -193,6 +193,7 @@ static inline unsigned int io_apic_read(unsigned int apic, unsigned int reg)
> >  extern void setup_IO_APIC(void);
> >  extern void enable_IO_APIC(void);
> >  extern void disable_IO_APIC(void);
> > +extern void clear_IO_APIC(void);
> >  extern void restore_boot_irq_mode(void);
> >  extern int IO_APIC_get_PCI_irq_vector(int bus, int devfn, int pin);
> >  extern void print_IO_APICs(void);
> > diff --git a/arch/x86/kernel/apic/io_apic.c b/arch/x86/kernel/apic/io_apic.c
> > index 7b73b6b9b4b6..2d7cd2db77f5 100644
> > --- a/arch/x86/kernel/apic/io_apic.c
> > +++ b/arch/x86/kernel/apic/io_apic.c
> > @@ -587,7 +587,7 @@ static void clear_IO_APIC_pin(unsigned int apic, unsigned int pin)
> >  		       mpc_ioapic_id(apic), pin);
> >  }
> >  
> > -static void clear_IO_APIC (void)
> > +void clear_IO_APIC (void)
> >  {
> >  	int apic, pin;
> >  
> > diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c
> > index 10e74d4778a1..1f6680427ff0 100644
> > --- a/arch/x86/kernel/crash.c
> > +++ b/arch/x86/kernel/crash.c
> > @@ -199,9 +199,10 @@ void native_machine_crash_shutdown(struct pt_regs *regs)
> >  #ifdef CONFIG_X86_IO_APIC
> >  	/* Prevent crash_kexec() from deadlocking on ioapic_lock. */
> >  	ioapic_zap_locks();
> > -	disable_IO_APIC();
> > +	clear_IO_APIC();
> >  #endif
> >  	lapic_shutdown();
> > +	restore_boot_irq_mode();
> >  #ifdef CONFIG_HPET_TIMER
> >  	hpet_disable();
> >  #endif
> > diff --git a/arch/x86/kernel/machine_kexec_32.c b/arch/x86/kernel/machine_kexec_32.c
> > index edfede768688..f78bb4432bfb 100644
> > --- a/arch/x86/kernel/machine_kexec_32.c
> > +++ b/arch/x86/kernel/machine_kexec_32.c
> > @@ -199,7 +199,7 @@ void machine_kexec(struct kimage *image)
> >  		 * one form or other. kexec jump path also need
> >  		 * one.
> >  		 */
> > -		disable_IO_APIC();
> > +		restore_boot_irq_mode();
> >  #endif
> >  	}
> >  
> > diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
> > index 1f790cf9d38f..cb0c2d0a4c99 100644
> > --- a/arch/x86/kernel/machine_kexec_64.c
> > +++ b/arch/x86/kernel/machine_kexec_64.c
> > @@ -297,7 +297,7 @@ void machine_kexec(struct kimage *image)
> >  		 * one form or other. kexec jump path also need
> >  		 * one.
> >  		 */
> > -		disable_IO_APIC();
> > +		restore_boot_irq_mode();
> >  #endif
> >  	}
> >  
> > diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c
> > index 2126b9d27c34..725624b6c0c0 100644
> > --- a/arch/x86/kernel/reboot.c
> > +++ b/arch/x86/kernel/reboot.c
> > @@ -666,7 +666,7 @@ void native_machine_shutdown(void)
> >  	 * Even without the erratum, it still makes sense to quiet IO APIC
> >  	 * before disabling Local APIC.
> >  	 */
> > -	disable_IO_APIC();
> > +	clear_IO_APIC();
> >  #endif
> >  
> >  #ifdef CONFIG_SMP
> > @@ -680,6 +680,7 @@ void native_machine_shutdown(void)
> >  #endif
> >  
> >  	lapic_shutdown();
> > +	restore_boot_irq_mode();
> >  
> >  #ifdef CONFIG_HPET_TIMER
> >  	hpet_disable();