Re: [patch V4 part 1 29/36] x86/mce: Send #MC singal from task work
From: Andy Lutomirski
Date: Thu May 14 2020 - 12:19:38 EST
> On May 14, 2020, at 9:03 AM, Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx> wrote:
>
> ï----- On May 14, 2020, at 10:17 AM, Borislav Petkov bp@xxxxxxxxx wrote:
>
>> + Tony.
>>
>>> On Tue, May 05, 2020 at 03:16:31PM +0200, Thomas Gleixner wrote:
>>> From: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
>>>
>>> Convert #MC over to using task_work_add(); it will run the same code
>>> slightly later, on the return to user path of the same exception.
>>>
>>> Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
>>> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
>>> Reviewed-by: Frederic Weisbecker <frederic@xxxxxxxxxx>
>>> ---
>>> arch/x86/kernel/cpu/mce/core.c | 56 ++++++++++++++++++++++-------------------
>>> include/linux/sched.h | 6 ++++
>>> 2 files changed, 37 insertions(+), 25 deletions(-)
>>
>> I like this:
>>
>> Reviewed-by: Borislav Petkov <bp@xxxxxxx>
>
> What I am not fully grasping here is whether this patch preserves the instruction
> pointer (and possibly other relevant information for siginfo_t) triggering the
> exception in a scenario where we have:
>
> - #MC triggered, queuing task work,
> - unrelated signal happens to be delivered to task,
> - exit to usermode loop handles do_signal first,
> - then it runs task work.
If anyone wants to ponder this, I suspect that we have lots of delightful bugs in our handling of cr2, trapnr, and error_code in signals. We should move them to the sigcontext, at least in kernel, and fix up ucontext when we deliver the signal. The current code canât possibly be correct.