Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp4557699pxb; Thu, 14 Oct 2021 07:35:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzryMWK8z2HbGUdk1qmfQT57JhAycJcQUm9jt71pItJLlTJMM2gcr0lag/ybxSbtY+CbZa8 X-Received: by 2002:a17:90b:1a91:: with SMTP id ng17mr6595863pjb.61.1634222137264; Thu, 14 Oct 2021 07:35:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1634222137; cv=none; d=google.com; s=arc-20160816; b=FiY7qX2iX+5WlDP3MfDpxAo9igQdg5T2fkKr2dccdsqbLzpt8NXzBC9YSS3IJijjc9 /n94+HXwF+9TjjTZoIYxV74Kb9ql3HpCKRByTw2/XxbmDuOSKbIpBAc+wE4N30QHzCde AuMF5ivjDXawQAEJ2vsCyjh/FnXxoEdmVlIWgRVCYnf/GWy4PdauE2dik1M5QCZmuQ/6 ZbexDS/6x/tTmS6W3eGAPtyttrJU686MVRSl4o3xDsK94afX+l0wsPXMhqP+8CCnzP7m u8bHKm1efGH0PzicXanYiP5yWFFusLFbskaomjAtSqjBEwksy5svTQYnAkkkUP5NQnqF NNZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to :mime-version:user-agent:date:message-id:from:references:cc:to :subject; bh=oLxsCcAV+tGIdLNCW1bq9fF8NsvQ69jB4L7gAHROGUs=; b=aNT+YOky9Tqx36DRtwkxDePuqZHrz+OTwBz4Rgt+xe5j3WGgLprtfNYOtO7h3nSWKx wSJQtXGav72JZ15a3+0XBHkCve8udjKiwhHSgYwf+90feB7y2Pk1s/C0wZwtN6pHCqly rF+JdFGvfIFo7rttoZGz1aU7n2lgeDUvB3Ov9jRBUUztImIXIzDMIfL/Cti6sxVgj1vz VNVUmy5V64+xM4OiZlmN9wHlzmHDp0tWGdwLUuRT7tT2hVV/holh605XLIP9QRI7+lUS oVMwCdQwFHn3t1F2XW7/zT4o6EBD+QjV7YfUkYcAQqD2TGg9FgQ8e1H0yLPz2fyPSCtU Xm+A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w12si3701792pgr.318.2021.10.14.07.35.23; Thu, 14 Oct 2021 07:35:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231782AbhJNOWw (ORCPT + 99 others); Thu, 14 Oct 2021 10:22:52 -0400 Received: from out30-133.freemail.mail.aliyun.com ([115.124.30.133]:35621 "EHLO out30-133.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230213AbhJNOWv (ORCPT ); Thu, 14 Oct 2021 10:22:51 -0400 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R761e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e04395;MF=zhangliguang@linux.alibaba.com;NM=1;PH=DS;RN=9;SR=0;TI=SMTPD_---0Urs.kf._1634221243; Received: from 30.13.156.201(mailfrom:zhangliguang@linux.alibaba.com fp:SMTPD_---0Urs.kf._1634221243) by smtp.aliyun-inc.com(127.0.0.1); Thu, 14 Oct 2021 22:20:44 +0800 Subject: Re: [PATCH V2] ACPI / APEI: restore interrupt before panic in sdei flow To: James Morse Cc: linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org, Tony Luck , linux-arm-kernel@lists.infradead.org, Borislav Petkov , Len Brown , "Rafael J. Wysocki" , huangming@linux.alibaba.com References: <20211012142910.9688-1-zhangliguang@linux.alibaba.com> <5951ad5b-d755-0150-0f2a-c567eb454dac@arm.com> From: =?UTF-8?B?5Lmx55+z?= Message-ID: Date: Thu, 14 Oct 2021 22:18:54 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 MIME-Version: 1.0 In-Reply-To: <5951ad5b-d755-0150-0f2a-c567eb454dac@arm.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, 在 2021/10/14 1:44, James Morse 写道: > Hello! > > On 12/10/2021 15:29, Liguang Zhang wrote: >> When hest acpi table configure Hardware Error Notification type as >> Software Delegated Exception(0x0B) for RAS event, OS RAS interacts with >> ATF by SDEI mechanism. On the firmware first system, OS was notified by >> ATF sdei call. >> >> The calling flow like as below when fatal RAS error happens: >> >> ATF notify OS flow: >> sdei_dispatch_event() >> ehf_activate_priority() >> call sdei callback // callback registered by OS >> ehf_deactivate_priority() >> >> OS sdei callback: >> sdei_asm_handler() >> __sdei_handler() >> _sdei_handler() >> sdei_event_handler() >> ghes_sdei_critical_callback() >> ghes_in_nmi_queue_one_entry() >> /* if RAS error is fatal */ >> __ghes_panic() >> panic() >> >> If fatal RAS error occured, panic was called in sdei_asm_handle() >> without ehf_deactivate_priority executed, which lead interrupt masked. > So far the story is: > Firmware generated and SDEI event (a kind of software NMI) because of a firmware > interrupt, but it hasn't completely handled the interrupt. > > >> If interrupt masked, system would be halted in kdump flow like this: >> >> arm-smmu-v3 arm-smmu-v3.3.auto: allocated 65536 entries for cmdq >> arm-smmu-v3 arm-smmu-v3.3.auto: allocated 32768 entries for evtq >> arm-smmu-v3 arm-smmu-v3.3.auto: allocated 65536 entries for priq >> arm-smmu-v3 arm-smmu-v3.3.auto: SMMU currently enabled! Resetting... > How and why do firmware interrupts affect the IOMMU? > > It sounds like you are sharing something with firmware that you shouldn't. > > >> After debug, we found accurate halted position is: >> arm_smmu_device_probe() >> arm_smmu_device_reset() >> arm_smmu_device_disable() >> arm_smmu_write_reg_sync() >> readl_relaxed_poll_timeout() >> readx_poll_timeout() >> read_poll_timeout() >> usleep_range() // hrtimer is never waked. >> >> So interrupt should be restored before panic otherwise kdump will trigger >> error. > Why can't firmware finish with the interrupt before injecting the SDEI event? > If you need it to not happen a second time while the handler runs, you can always disable it. > > The text in the spec about the interaction of complete and physical interrupts is for > bound interrupts. Linux doesn't support these. It isn't possible for linux to know whether > firmware tied any other kind of event to a physical interrupt or not. > > >> In the process of sdei, a SDEI_EVENT_COMPLETE_AND_RESUME call >> should be called before panic for a completed run of ehf_deactivate_priority(). > SDEI_EVENT_COMPLETE_AND_RESUME is a complete, it tells firmware to restore the execution > state from before the event. You get almost get away with x17-x30 being corrupted as > panic() won't return - but the stack trace produced will be corrupt. If the original > exception was from user-space, SP_EL0 will have been restored to be the user value. The > kernel uses this for 'current'. > > > The way this is supposed to work is the die-ing kernel calls SDEI_PE_MASK while it does > the kdump reboot. Once the kdump kernel has started, the SDEI_PRIVATE_RESET and > SDEI_SHARED_RESET calls should fix anything left over in firmware. > > > Could you debug why firmware interrupts being active prevent the SMMU from being reset. As > far as I can tell, those should be totally independent. If ehf_deactivate_priority() was not executed, pmr_el1 register was not resumed to >0x80, which leads non-secure interrupts masked. arm_smmu_device_probe() finally called usleep_range() which based on hrtimer. Because non-secure timer interrupts was masked, usleep_range would not reponse. Thanks. Liguang > > > Thanks, > > James