[tip: ras/core] x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel

From: tip-bot2 for Zhiquan Li
Date: Mon Oct 23 2023 - 08:56:05 EST

Next message: Krzysztof Wilczyński: "Re: linux-next: build failure after merge of the pci tree"
Previous message: Arnd Bergmann: "Re: [PATCH] vfio: mlx5, pds: add IOMMU_SUPPORT dependency"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The following commit has been merged into the ras/core branch of tip:

Commit-ID: 1d11b153d23b5fd131d4ea125ff23c9e8ebc98ab
Gitweb: https://git.kernel.org/tip/1d11b153d23b5fd131d4ea125ff23c9e8ebc98ab
Author: Zhiquan Li <zhiquan1.li@xxxxxxxxx>
AuthorDate: Mon, 23 Oct 2023 12:22:37 +08:00
Committer: Borislav Petkov (AMD) <bp@xxxxxxxxx>
CommitterDate: Mon, 23 Oct 2023 14:53:13 +02:00

x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel

Memory errors don't happen very often, especially fatal ones. However,
in large-scale scenarios such as data centers, that probability
increases with the amount of machines present.

When a fatal machine check happens, mce_panic() is called based on the
severity grading of that error. The page containing the error is not
marked as poison.

However, when kexec is enabled, tools like makedumpfile understand when
pages are marked as poison and do not touch them so as not to cause
a fatal machine check exception again while dumping the previous
kernel's memory.

Therefore, mark the page containing the error as poisoned so that the
kexec'ed kernel can avoid accessing the page.

[ bp: Rewrite commit message and comment. ]

Co-developed-by: Youquan Song <youquan.song@xxxxxxxxx>
Signed-off-by: Youquan Song <youquan.song@xxxxxxxxx>
Signed-off-by: Zhiquan Li <zhiquan1.li@xxxxxxxxx>
Signed-off-by: Borislav Petkov (AMD) <bp@xxxxxxxxx>
Reviewed-by: Naoya Horiguchi <naoya.horiguchi@xxxxxxx>
Link: https://lore.kernel.org/r/20231014051754.3759099-1-zhiquan1.li@xxxxxxxxx
---
arch/x86/kernel/cpu/mce/core.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)

diff --git a/arch/x86/kernel/cpu/mce/core.c b/arch/x86/kernel/cpu/mce/core.c
index 0214d42..a25e692 100644
--- a/arch/x86/kernel/cpu/mce/core.c
+++ b/arch/x86/kernel/cpu/mce/core.c
@@ -44,6 +44,7 @@
#include <linux/sync_core.h>
#include <linux/task_work.h>
#include <linux/hardirq.h>
+#include <linux/kexec.h>

#include <asm/intel-family.h>
#include <asm/processor.h>
@@ -233,6 +234,7 @@ static noinstr void mce_panic(const char *msg, struct mce *final, char *exp)
struct llist_node *pending;
struct mce_evt_llist *l;
int apei_err = 0;
+ struct page *p;

/*
* Allow instrumentation around external facilities usage. Not that it
@@ -286,6 +288,18 @@ static noinstr void mce_panic(const char *msg, struct mce *final, char *exp)
if (!fake_panic) {
if (panic_timeout == 0)
panic_timeout = mca_cfg.panic_timeout;
+
+ /*
+ * Kdump skips the poisoned page in order to avoid
+ * touching the error bits again. Poison the page even
+ * if the error is fatal and the machine is about to
+ * panic.
+ */
+ if (kexec_crash_loaded()) {
+ p = pfn_to_online_page(final->addr >> PAGE_SHIFT);
+ if (final && (final->status & MCI_STATUS_ADDRV) && p)
+ SetPageHWPoison(p);
+ }
panic(msg);
} else
pr_emerg(HW_ERR "Fake kernel panic: %s\n", msg);

Next message: Krzysztof Wilczyński: "Re: linux-next: build failure after merge of the pci tree"
Previous message: Arnd Bergmann: "Re: [PATCH] vfio: mlx5, pds: add IOMMU_SUPPORT dependency"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]