Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1627585pxb; Mon, 8 Mar 2021 02:17:41 -0800 (PST) X-Google-Smtp-Source: ABdhPJy5MhymGEVGi822XVoS1UDg40rfWGa9pgb3JksSjUKjTiYCP6H1V5UddvM4fEkplduJmjLS X-Received: by 2002:aa7:cf14:: with SMTP id a20mr21234367edy.49.1615198661725; Mon, 08 Mar 2021 02:17:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1615198661; cv=none; d=google.com; s=arc-20160816; b=UFuaLFAejIWMqpFA0+cxEYwlwr/nuXwN4n7O2fhYeotKvj2NE8OmdxNwKi5AhxF+y2 82GhFuWtl+IwL1H17vkYqV+X6NHyunw2f6DGgZOez9j+B0oZOvU51Ecq1sgZUSA74NRU cXiaMAfkTnlwWqkHJxkrgG6wIJxKkngR8GVKXzLXjUroOGCVzfnUCd+XXh8z4OhWzfyL uNgicypBFKc60PW+5sYExrXdDyVWs4BKk1OF4lNuUPqFlNQe0uSRIlcrjBJlHDykWkPW kZ3an++8guqe+yPYEMAGwdq8rDaDtDQRHcGEkLkQMUEVp6EfqD01kIvx5e04qWCi7y9T nisA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date; bh=KP2mh6Js9HR9syg2h+RXZK63SjDYhikoS54r+KgVMNw=; b=FJqt11Y/QM4NcThWijMWa1cH8YJXwHVLS7D3wlAS9W67q3Z8qBCNhxNCqe/wjGBuzd +ymb9FjkchEWFL1BACZ3+jiI95ep5aZCyBe7bf8mv4IU+8R8k7MzHcOxQsbGCzPgP+B8 e9LL4/QPmGwQaZCQkvFiesxOQZfpIAIAkbSXVgYDx/CRrHZ3XDN3GlaR0ga4CxddfhLN 0+e/F30Emv4qVD8ZX5R2sV8bml8lXlylGxifK/lrBIt8udweg0lLgsbkSiQlC4BDY1la PsbDHE18BnqzbmEZbvka9JUohP1ES/uoiiYLsMEwP4JewY6FpQjeSiwjSDSTMYC4YB38 lpaQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id lc20si3091571ejb.492.2021.03.08.02.17.19; Mon, 08 Mar 2021 02:17:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230126AbhCHJtq convert rfc822-to-8bit (ORCPT + 99 others); Mon, 8 Mar 2021 04:49:46 -0500 Received: from mail.kingsoft.com ([114.255.44.146]:46845 "EHLO mail.kingsoft.com" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S230039AbhCHJtP (ORCPT ); Mon, 8 Mar 2021 04:49:15 -0500 X-AuditID: 0a580155-713ff700000550c6-67-6045ebaa5450 Received: from mail.kingsoft.com (localhost [10.88.1.32]) (using TLS with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mail.kingsoft.com (SMG-2-NODE-85) with SMTP id 7E.F0.20678.AABE5406; Mon, 8 Mar 2021 17:17:30 +0800 (HKT) Received: from alex-virtual-machine (172.16.253.254) by KSBJMAIL2.kingsoft.cn (10.88.1.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1979.3; Mon, 8 Mar 2021 17:49:12 +0800 Date: Mon, 8 Mar 2021 17:49:12 +0800 From: Aili Yao To: Andy Lutomirski CC: "Luck, Tony" , Andy Lutomirski , HORIGUCHI NAOYA , Dave Hansen , Peter Zijlstra , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , X86 ML , , Linux-MM , LKML , Subject: Re: [PATCH v3] x86/fault: Send a SIGBUS to user process always for hwpoison page access. Message-ID: <20210308174912.4ac9029a@alex-virtual-machine> In-Reply-To: References: <8d0c76f97f35499f91a2b82d3e7c024d@intel.com> <59469ECC-5316-4074-98EF-52FFF7940818@amacapital.net> <20210303202402.384265a3@alex-virtual-machine> <20210303205129.0a66f7a7@alex-virtual-machine> Organization: kingsoft X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.30; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8BIT X-Originating-IP: [172.16.253.254] X-ClientProxiedBy: KSBJMAIL1.kingsoft.cn (10.88.1.31) To KSBJMAIL2.kingsoft.cn (10.88.1.32) X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrAIsWRmVeSWpSXmKPExsXCFcGooLvqtWuCwfLvQhafN/xjs3ixoZ3R YtpGcYvLu+awWdxb85/VYvXaBlaL87vWslpcOrCAyeJi4wFGi+O9B5gsNm+aymzx5sI9Fosf Gx6zOvB6fG/tY/G4/+Yvi8fmFVoei/e8ZPLYtKqTzWPTp0nsHu/OnWP3mHcy0OPF1Y0sHu/3 XWXz+LxJzuNEyxfWAJ4oLpuU1JzMstQifbsEroyew+0sBacEKiZfPcnewPiQp4uRk0NCwESi /fYWpi5GLg4hgelMEm1HfrGAJIQEXjJK/Jok2MXIwcEioCKx5T0TSJhNQFVi171ZrCC2iICm xMsp81lAepkFXjJLbHszixkkISyQLHFm0gNGEJtXwEpi/eFrYHFOgUCJTdtesEAsm8kk0f/q H1iCX0BMovfKfyaIi+wl2rYsgmoWlDg58wnYQcxA21q3/2aHsLUlli18zQxxqKLE4SW/2CF6 lSSOdM9gg7BjJZbNe8U6gVF4FpJRs5CMmoVk1AJG5lWMLMW56UabGCGRGLqDcUbTR71DjEwc jIcYJTiYlUR4e3ucE4R4UxIrq1KL8uOLSnNSiw8xSnOwKInz7j3mmiAkkJ5YkpqdmlqQWgST ZeLglGpgcrI5oHCji3d3+PtvHBVLN10+stnkmb2xzSOnu6o7oj49lFG/t+6giOcytRvz/C54 al4tunCjfFPIyrsL450tvggfZd89pSi5/d3x5xMn/7ju9HKd3u9l+y4pvxI6Z50xX1zr+Jy9 H3cVff5+6apD4hPBSc2bM+TKLb44HxLfumya9xmT66u4f2+NUUldPztVMNTzts+BuVPvr6tN 2rW3OGrHG8PDbKHPLYO3XZvcMuP4L3573dXJnCanUtNXyRnW8+Q2Pn1h/27G7psz7+7b0vd9 +W8N422x7tui5F3YW/jj11sKCWyyFL1dzarOwjf/9ZwX7/pm3n13qIbxTLXAIX4z9uCpfvfl hAUz3Y60rYpTYinOSDTUYi4qTgQA81gYLDMDAAA= Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, 7 Mar 2021 11:16:24 -0800 Andy Lutomirski wrote: > > > > >> Some programs may use read(2), write(2), etc as ways to check if > > > > >> memory is valid without getting a signal. They might not want > > > > >> signals, which means that this feature might need to be configurable. > > > > > > > > > > That sounds like an appalling hack. If users need such a mechanism > > > > > we should create some better way to do that. > > > > > > > > > > > > > Appalling hack or not, it works. So, if we’re going to send a signal to user code that looks like it originated from a bina fide architectural recoverable fault, it needs to be recoverable. A load from a failed NVDIMM page is such a fault. A *kernel* load is not. So we need to distinguish it somehow. > > > > > > Sorry for my previous mis-understanding, and i have some questions: > > > if programs use read,write to check if if memory is valid, does it really want to cover the poison case? > > I don't know. > > > > When for such a case, an error is returned, can the program realize it's hwposion issue not other software error and process correctly? > > Again, I don't know. But changing the API like this seems potentialy > dangerous and needs to be done with care. > > > > > > > if this is the proper action, the original posion flow in current code from read and write need to change too. > > > > > > > Sorry, another question: > > When programs use read(2), write(2) as ways to check if memory is valid, does it really want to check if the user page the program provided is valid, not the destination or disk space valid? > > They may well be trying to see if their memory is valid. Thanks for your reply, and I don't know what to do. For current code, if user program write to a block device(maybe a test try) and if its user copy page corrupt when in kernel copy, the process is killed with a SIGBUS. And for the page fault case in this thread, the process is error returned. -- Thanks! Aili Yao