Re: [PATCH] i386: improve double fault handling
From: Chuck Ebbert
Date: Mon Jul 28 2008 - 18:00:21 EST

Ingo Molnar wrote:
> All CPUs hitting a double fault simultaneously and corrupting each
> others' kernel stack is a theoretical possibility - but is handling it
> worth the complexity? It appears to me that a lock plus a short stub
> function that takes the lock (with no stack usage) would handle that
> much better.

That can't happen now because the TSS gets marked busy so we will get a
triple fault instead. One thing we might want to do in the current code
is unset the busy flag after handling the fault and before we start looping
at the end of the handler so we can handle another fault later.

> So I'm really uneasy about all this. Breakage in such rarely used code
> gets found very late, and has thus a high risk of losing debug
> information when we need it the most. (i.e. it works in the exact
> _opposite_ way of the intended goal of making things more robust - it
> makes things less robust)

Also how much bloat does this cause, having a per-CPU TSS and stack for every
fault handler that uses this method?
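
The busy-flag behaviour discussed in this message, as an added user-space model that is not code from the patch or from the kernel: a double fault delivered through a task gate to a TSS that is still marked busy ends in a triple fault, and clearing the busy bit lets a later fault be handled. The helper names and the bare descriptor value are assumptions made for illustration; only the type encoding (1001b available, 1011b busy) follows the x86 descriptor format.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed user-space model; nothing here touches a real GDT. */
#define DESC_TYPE_SHIFT 40            /* type field: descriptor bits 43..40 */
#define TSS32_AVAILABLE 0x9ULL        /* 1001b = available 32-bit TSS */
#define TSS_BUSY_BIT    (1ULL << 41)  /* bit 1 of type: 1011b = busy TSS */

enum outcome { HANDLED, TRIPLE_FAULT };

/* Hypothetical helper: a system descriptor with only P and type set. */
static uint64_t make_tss_desc(void)
{
    return (1ULL << 47) | (TSS32_AVAILABLE << DESC_TYPE_SHIFT);
}

static int tss_is_busy(uint64_t desc) { return (desc & TSS_BUSY_BIT) != 0; }

/*
 * Model of #DF delivery through a task gate: the CPU refuses to switch
 * to a TSS that is already busy, and a fault raised while delivering a
 * double fault ends in shutdown (triple fault). Otherwise the switch
 * marks the new TSS busy and the handler runs.
 */
static enum outcome deliver_double_fault(uint64_t *desc)
{
    if (tss_is_busy(*desc))
        return TRIPLE_FAULT;
    *desc |= TSS_BUSY_BIT;
    return HANDLED;
}

/* The step suggested in the mail: make the TSS available again. */
static void clear_tss_busy(uint64_t *desc) { *desc &= ~TSS_BUSY_BIT; }

/* Two double faults in a row; returns the outcome of the second one. */
static enum outcome second_fault(int clear_between)
{
    uint64_t desc = make_tss_desc();
    deliver_double_fault(&desc);
    if (clear_between)
        clear_tss_busy(&desc);
    return deliver_double_fault(&desc);
}

int main(void)
{
    printf("busy left set: %s\n", second_fault(0) == HANDLED ? "handled" : "triple fault");
    printf("busy cleared:  %s\n", second_fault(1) == HANDLED ? "handled" : "triple fault");
    return 0;
}
```

The same model covers the simultaneous case from the quoted text: with one shared double-fault TSS, the second CPU to fault finds the descriptor busy and takes the triple-fault path rather than running on the first CPU's stack.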