Re: [RFC PATCH v4 3/3] acpi: apei: Do not panic() on PCIe errors reported through GHES

From: Alex G.
Date: Fri May 11 2018 - 11:54:19 EST

Next message: Lukas Wunner: "Re: [PATCH v16 5/9] PCI/AER: Factor out error reporting from AER"
Previous message: Alexander Popov: "Re: [PATCH 2/2] arm64: Clear the stack"
In reply to: Borislav Petkov: "Re: [RFC PATCH v4 3/3] acpi: apei: Do not panic() on PCIe errors reported through GHES"
Next in thread: Borislav Petkov: "Re: [RFC PATCH v4 3/3] acpi: apei: Do not panic() on PCIe errors reported through GHES"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 05/11/2018 10:40 AM, Borislav Petkov wrote:
> On Mon, Apr 30, 2018 at 04:33:52PM -0500, Alexandru Gagniuc wrote:
>> The policy was to panic() when GHES said that an error is "Fatal".
>> This logic is wrong for several reasons, as it doesn't take into
>> account what caused the error.
>>
>> PCIe fatal errors indicate that the link to a device is either
>> unstable or unusable. They don't indicate that the machine is on fire,
>> and they are not severe enough that we need to panic(). Instead of
>> relying on crackmonkey firmware, evaluate the error severity based on
> ^^^^^^^^^^^^
>
> Please keep the smartass formulations for the ML only and do not let
> them leak into commit messages.

You're right. The monkeys are not crack. Instead, what a lot of
manufacturers do is maintain large monkey farms with electronic
typewriters. Given a sufficiently large farm, they take those results
which compile. Of those results, they pick and ship the one that takes
longest to boot, without the customers complaining.

That being clarified, should I replace "crackmonkey" with "broken" in
the commit message?

(snip)

>> +/* PCIe errors should not cause a panic. */
>> +static int ghes_sec_pcie_severity(struct acpi_hest_generic_data *gdata)
>> +{
>> + struct cper_sec_pcie *pcie_err = acpi_hest_get_payload(gdata);
>> +
>> + if (pcie_err->validation_bits & CPER_PCIE_VALID_DEVICE_ID &&
>> + pcie_err->validation_bits & CPER_PCIE_VALID_AER_INFO &&
>> + IS_ENABLED(CONFIG_ACPI_APEI_PCIEAER))
>
> How is PCIe error severity dependent on whether the AER error reporting
> driver is enabled (and possibly not even loaded) on the system?

Borislav, I sense some confusion. AER is not a "reporting" driver. It
handles the errors. You can't leave these errors unhandled. They
propagate to the root complex and can cause fatal MCEs when not handled.
The window to handle the error is pretty large, so it's not a concern
when you're handling it.

Alex

>> + return CPER_SEV_RECOVERABLE;
>> +
>> + return ghes_cper_severity(gdata->error_severity);
>> +}
>> +/*
>

Next message: Lukas Wunner: "Re: [PATCH v16 5/9] PCI/AER: Factor out error reporting from AER"
Previous message: Alexander Popov: "Re: [PATCH 2/2] arm64: Clear the stack"
In reply to: Borislav Petkov: "Re: [RFC PATCH v4 3/3] acpi: apei: Do not panic() on PCIe errors reported through GHES"
Next in thread: Borislav Petkov: "Re: [RFC PATCH v4 3/3] acpi: apei: Do not panic() on PCIe errors reported through GHES"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]