Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp3970374ybl; Tue, 21 Jan 2020 10:21:00 -0800 (PST) X-Google-Smtp-Source: APXvYqxWh6Cm6BC+wCbA1oN3jI3iJgaQEn3gmpxPtoiOZBIqOL5J7QCCCg02c7w9zMy87PyzX3Yh X-Received: by 2002:aca:ef82:: with SMTP id n124mr4090559oih.88.1579630860695; Tue, 21 Jan 2020 10:21:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1579630860; cv=none; d=google.com; s=arc-20160816; b=wXewJr1AwZmvGt2HsWuxddfVLuKZyVLMs8d6J1L35tUPTCZmQT0SBFWE6phH98P2OX BFmhSBtdUUDHqmunLa7oR6nI7X8hUXQ+GdrboOjGds/vILdLjiuM07AiE4GpSSZEfOTr DmcD1bwFggv99TrW9Y3ru/NGiN9BT62282R5U1zTzCIINcIzL00t6KdNBgFhMjDu8TGT xg3D9GbMYZKtsB3ePZ+LnY3vbsZzIeo3P6yinbkZy9UCzRCWlkp/mPiO2cywHX+faSFs H2LX4T09sV/VVX+BMP2ahEYrt5aNmRNmBARvIFsLWXCAyk0QM2/Db5159OQFdoVt1vs7 m8Ig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=MPPAUbtl1pWd/XlXmuiA2OLuD6Ztr+4J9wOhUtnCkzM=; b=TJTmNUwAEuVM/Npi0gvUaygZ5m7xlDpZa7e2CeEOJAjHqHXA4QuHi0cQoOj04HSQr0 nnaSlgstJ0sqWS3T2cH366y0H7syhOLt8NvT4SsWEuBolTYC65CjHEkVjoAx3K6pftUM HgUrc4/RlCN+XYfmLKbuiAuH6LwPLp/clrF6kDrZppNpY3W4NFaCDnNbCjdqOi8S8eRe nfEQfTr/64b7KySVsBJboYoF5ZWvnmBo+v/Tl27B+QQqijZ+Z/awIy63jKy0FamN3H2Y LhpKdPoaEsJkuAg4dq2gk+VQuyFFuUJYGbH+PuwWxftnFmOrqvyiu8YFPuRp/FpMr1f+ I0oA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z1si22176480otp.70.2020.01.21.10.20.45; Tue, 21 Jan 2020 10:21:00 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729147AbgAUSTs (ORCPT + 99 others); Tue, 21 Jan 2020 13:19:48 -0500 Received: from gecko.sbs.de ([194.138.37.40]:59271 "EHLO gecko.sbs.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728186AbgAUSTr (ORCPT ); Tue, 21 Jan 2020 13:19:47 -0500 X-Greylist: delayed 660 seconds by postgrey-1.27 at vger.kernel.org; Tue, 21 Jan 2020 13:19:45 EST Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by gecko.sbs.de (8.15.2/8.15.2) with ESMTPS id 00LI8VZ3031796 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 21 Jan 2020 19:08:31 +0100 Received: from [167.87.4.158] ([167.87.4.158]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id 00LI8T8P017464; Tue, 21 Jan 2020 19:08:30 +0100 Subject: Re: [FYI PATCH 0/7] Mitigation for CVE-2018-12207 To: Ralf Ramsauer , Dave Hansen , Paolo Bonzini , linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: "Gupta, Pawan Kumar" References: <1573593697-25061-1-git-send-email-pbonzini@redhat.com> <23353382-53ea-8b20-7e30-763ef6df374c@siemens.com> <60b2a488-74b8-897c-4b25-e228d3fe7d55@oth-regensburg.de> From: Jan Kiszka Message-ID: <9f8b95d1-7b5f-d16d-2e5a-52f4b9cd0922@siemens.com> Date: Tue, 21 Jan 2020 19:08:29 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.3.0 MIME-Version: 1.0 In-Reply-To: <60b2a488-74b8-897c-4b25-e228d3fe7d55@oth-regensburg.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 18.11.19 14:58, Ralf Ramsauer wrote: > Hi Dave, > > On 11/14/19 9:09 AM, Jan Kiszka wrote: >> On 13.11.19 22:24, Dave Hansen wrote: >>> On 11/13/19 12:23 AM, Paolo Bonzini wrote: >>>> On 13/11/19 07:38, Jan Kiszka wrote: >>>>> When reading MCE, error code 0150h, ie. SRAR, I was wondering if that >>>>> couldn't simply be handled by the host. But I suppose the symptom of >>>>> that erratum is not "just" regular recoverable MCE, rather >>>>> sometimes/always an unrecoverable CPU state, despite the error code, >>>>> right? >>>> The erratum documentation talks explicitly about hanging the system, but >>>> it's not clear if it's just a result of the OS mishandling the MCE, or >>>> something worse.  So I don't know. :(  Pawan, do you? >>> >>> It's "something worse". >>> >>> I built a kernel module reproducer for this a long time ago.  The >>> symptom I observed was the whole system hanging hard, requiring me to go >>> hit the power button.  The MCE software machinery was not involved at >>> all from what I could tell. >> >> Thanks for clarifying this - too bad. >> >>> >>> About creating a unit test, I'd be personally happy to share my >>> reproducer, but I built it before this issue was root-caused.  There are > > I'd appreciate if you could share your code. > >>> actually quite a few underlying variants and a good unit test would make >>> sure to exercise all of them.  My reproducer probably only exercised a >>> single case. > > Still, it triggers the issue, that's enough to compare it to my reproducer. > >>> >> >> Would be interesting to see this. Ralf and tried something quickly, but >> there seems to be a detail missing or wrong. > > Yep, we still can't reproduce the issue on an affected CPU, and don't > know what we miss. I just realized that this thread stranded. Ralf told me that he got no access to that reproducer which would be very valuable for us right now to validate a static mitigation method in Jailhouse. Any chance to get the access? Thanks a lot, Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux