Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp2424681iob;
        Fri, 6 May 2022 02:31:57 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJygoAR4BBtALPdilRyFcMmLZLQxp4Ii3e7Erapdt1emWGlRa5NDcU+6IRfOFT7rHVY6hE2Y
X-Received: by 2002:a17:907:3da2:b0:6f4:78d8:7c23 with SMTP id he34-20020a1709073da200b006f478d87c23mr2120319ejc.233.1651829517008;
        Fri, 06 May 2022 02:31:57 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1651829517; cv=none;
        d=google.com; s=arc-20160816;
        b=gVLhuWpRmKyagOAnA5BH/JgY4U+19grsKZ9vOegT7J0RzTAw6Rvxwhphh+YJx4BOwG
         hgso8lC/RfT7bDvNQK5Z9ZbG8RVyWNjIERIxDZMVQ8AGo2OySbR3tpwZI+UsPAz8IceV
         vvXyY22EQxwQy0CZZ2SLwCo4ToOkJjG9KVIzfIcB7o7VS7uPfFiuyAsbBK+47VhHsut/
         es5qfkB2woc9stpX1bzp+pqRnsVJxC//AA5Qdvog/0mfEMBcFA8lKjwYcr34g1Z1mG0f
         KyPCNL77P2w162p1q7v1hf/5YJDuZbpBaAnm6zZpAf6uaVnxfkAskunkvL3IBozd3pf+
         4Mew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:mime-version:user-agent:references:in-reply-to
         :subject:cc:to:from:message-id:date:dkim-signature;
        bh=ovhz+q+hoVd+atkl2AnJt8ZXAkPdzaeVI5C94G3LmPU=;
        b=B8vFo74y8RVGxBPXNAhMB+8Ldb9tXWCZI5Xed7XxMjWksBS/nruHPGhOwT6yQ0yUlA
         XZpvooFGDI2BcZHcIyIu/72zcGYYVxTt1DJ6kvjtevr6dQJArxbjPh/0ewTucuSvILec
         J0cfFcIPzNYx1a9ShZ3r+ZSDu6tgtW9GqTsW42zmszjjFDhtU6j8+vKdIiCPqT38gO5C
         6hTAyk8voU5cI9Nf/h8nTrc+HIhxEW/mjMQ/5HRhxdWJQj3ykMesBppFzmrHKCpQeA3v
         Wlq7PUUA4Gc8IpT53J+/aq5S2pbIGQL9Ws7XLAxjjRh/J/PGko+O5JISPoV/l0AtN6sr
         dOZw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=tkI5pCVl;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id r2-20020a170906364200b006df76385e29si4247757ejb.713.2022.05.06.02.31.33;
        Fri, 06 May 2022 02:31:56 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=tkI5pCVl;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1344400AbiEEHdA (ORCPT <rfc822;anothersharkwizard@gmail.com>
        + 99 others); Thu, 5 May 2022 03:33:00 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40372 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1344667AbiEEHcy (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 5 May 2022 03:32:54 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F231047AEF;
        Thu,  5 May 2022 00:29:12 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 8C38261CE9;
        Thu,  5 May 2022 07:29:12 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id E4F1EC385A4;
        Thu,  5 May 2022 07:29:11 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1651735752;
        bh=3F5JYiDZI5MLnm7uZGVodg2E+7gWDAjHwFt/B9Hgii0=;
        h=Date:From:To:Cc:Subject:In-Reply-To:References:From;
        b=tkI5pCVlh0Q8k9Skj3PToWNe7TkQE6dczw9b1XbChJwGiUw8vQJIdEGYExtDgtyDu
         dSPED1QOWv1YGUx33erJp1vMVEaoG2aWiqTSAdej1AZYVgU5tay7HBCMffxP7LRfMh
         0XTDAavxcgYvw77LF0soHRnjU2l0Mn4e9BwnRjPL7wmSPMx3RsDKVey54JDBCzgbWs
         vQv05u8V9dBp+fbXvOP7Ade3J737bGTbhpu7a0doZ+NsbYxqfhvgTuKShgqpvww5em
         XlYCnoLsBSUI8iPdRaDE/9N+YqriDKTARvowEqk2tSriSZyT0idrAk0tJgmO4CMPLg
         MmSlAVGQpqyEA==
Received: from 82-132-244-133.dab.02.net ([82.132.244.133] helo=wait-a-minute.misterjones.org)
        by disco-boy.misterjones.org with esmtpsa  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        (Exim 4.94.2)
        (envelope-from <maz@kernel.org>)
        id 1nmVvB-0098Td-CF; Thu, 05 May 2022 08:29:09 +0100
Date:   Thu, 05 May 2022 08:29:08 +0100
Message-ID: <874k24igjf.wl-maz@kernel.org>
From:   Marc Zyngier <maz@kernel.org>
To:     "Guilherme G. Piccoli" <gpiccoli@igalia.com>
Cc:     Catalin Marinas <catalin.marinas@arm.com>,
        will Deacon <will@kernel.org>,
        "Michael Kelley (LINUX)" <mikelley@microsoft.com>,
        Vitaly Kuznetsov <vkuznets@redhat.com>, mark.rutland@arm.com,
        Russell King <linux@armlinux.org.uk>,
        Ard Biesheuvel <ardb@kernel.org>, broonie@kernel.org,
        "linux-arm-kernel@lists.infradead.org" 
        <linux-arm-kernel@lists.infradead.org>,
        linux-kernel <linux-kernel@vger.kernel.org>,
        "linux-hyperv@vger.kernel.org" <linux-hyperv@vger.kernel.org>
Subject: Re: Should arm64 have a custom crash shutdown handler?
In-Reply-To: <427a8277-49f0-4317-d6c3-4a15d7070e55@igalia.com>
References: <427a8277-49f0-4317-d6c3-4a15d7070e55@igalia.com>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue)
 FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/27.1
 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset=US-ASCII
X-SA-Exim-Connect-IP: 82.132.244.133
X-SA-Exim-Rcpt-To: gpiccoli@igalia.com, catalin.marinas@arm.com, will@kernel.org, mikelley@microsoft.com, vkuznets@redhat.com, mark.rutland@arm.com, linux@armlinux.org.uk, ardb@kernel.org, broonie@kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-hyperv@vger.kernel.org
X-SA-Exim-Mail-From: maz@kernel.org
X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false
X-Spam-Status: No, score=-7.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 04 May 2022 21:00:42 +0100,
"Guilherme G. Piccoli" <gpiccoli@igalia.com> wrote:
> 
> Hi folks, this email is to ask feedback / trigger a discussion about the
> concept of custom crash shutdown handler, that is "missing" in arm64
> while it's present in many architectures [mips, powerpc, x86, sh (!)].
> 
> Currently, when we kexec in arm64, the function machine_crash_shutdown()
> is called as a handler to disable CPUs and (potentially) do extra
> quiesce work. In the aforementioned architectures, there's a way to
> override this function, if for example an hypervisor wish to have its
> guests running their own custom shutdown machinery.
>
> For powerpc/mips, the approach is a generic shutdown function that might
> call other handler-registered functions, whereas x86/sh relies in the
> "machine_ops" structure, having the crash shutdown as a callback in such
> struct.
> 
> The usage for that is very broad, but heavy users are hypervisors like
> Hyper-V / KVM (CCed Michael and Vitaly here for this reason). The
> discussion about the need for that in arm64 is from another thread [0],
> so before start implementing/playing with that, I'd like to ask ARM64
> community if there is any feedback and in case it's positive, what is
> the best implementation strategy (struct callback vs. handler call), etc.
> 
> I've CCed ARM64/ARM32 maintainers plus extra people I found as really
> involved with ARM architecture - sorry if I added people I shouldn't or
> if I forgot somebody (though the ARM mailing-list is CC).

I have the feeling that you are conflating two different things here:

(1) general shutdown/reboot, whether this because of a crash or not

(2) kexec, for which the whole point is that it is possible to handle
*everything* from within the kernel

On arm64:

(1) is already abstracted via PSCI. The hypervisor can do whatever it
wants there (KVM, not needing anything, just forwards this to
userspace for fun and profit -- if something has to be done, the VMM
is the right spot). I expect other hypervisors to do the same thing
(and that's what the architecture expects anyway).

(2) must, by definition, fit into the architectural envelope. If you
need help from another entity in the system to be able to kexec,
something is broken, because the hypervisor doesn't implement the
architecture correctly (and frankly, we really don't need much to be
able to kexec).

Not having any 'machine_ops' indirection was a conscious decision on
arm64, if only to avoid the nightmare that 32bit was at a time with
every single platform doing their own stuff. Introducing them would
not be an improvement, but simply the admission that hypervisors are
simply too broken for words. And I don't buy the "but x86 has it!"
argument. x86 is a nightmare of PV mess that we can happily ignore,
because we don't do PV for core operations at all.

If something has to be done to quiesce the system, it probably is
related to the system topology, and must be linked to it. We already
have these requirements in order to correctly stop ongoing DMA, shut
down IOMMUs, and other similar stuff. What other requirements does
your favourite hypervisor have?

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.